Yahoo is close to reaching a $117.5 million settlement in a class-action lawsuit over a series of data breaches that affected users between 2012 and 2016 — and your employees are potentially eligible for a $100 check and/or free credit monitoring if they had an account during that period.
From 2012 through 2016, several hacks penetrated Yahoo systems and stole billions of records.
While the $117.5 million is not nearly as big as the $700 million settlement that credit agency Equifax agreed to for its 2017 data breach involving 147 million records, it's still enough of a phish bait to use social engineering and deceive people in disclosing their personal information. Bad guys are going to benefit from Yahoo Settlement phishing scams.
They are going to promote not only cash, but Yahoo is also offering two years of free credit-monitoring services to anyone who had a compromised account. If the money sounds better, they can ask for a cash payment of $100 as long as they verify that they've already signed up for a credit-monitoring service.
The bad guys are going to use the "urgency" trick. The settlement is a set amount, meaning there’s only so much cash to go around. If too many people sign up for the cash option, they will have to split the pool. If someone had to spend time or money dealing with identity theft or other problems they believe stemmed from the Yahoo hacks, they can file a claim for up to $25,000 in out-of-pocket losses. All in all, enough bait to trick people.
Link to source article here.