Medicare / Healthcare Impersonation Scam
Attack Trigger
Fear of losing healthcare coverage or free benefits offer targets seniors specifically
What Attackers Want
Medicare number + SSN used for medical identity theft worth thousands
How This Attack Works
Scammers impersonate Medicare, CMS, or insurance agents to collect Medicare numbers, Social Security numbers, and banking details from seniors. They offer free medical equipment, "new Medicare cards," or extra benefits as lures. Collected data is used for medical identity theft, fraudulent billing, and financial account access.
Red Flags to Watch For
- ✗Medicare never contacts beneficiaries by email or unsolicited phone call
- ✗Offer of free medical equipment in exchange for your Medicare number
- ✗Request for Social Security Number to "issue" a new card
- ✗Threat that benefits will be cut off immediately unless you verify your details
- ✗Caller claims to be from "Medicare headquarters" — no such entity exists
- ✗Sender is not from @cms.hhs.gov
Known Malicious Domains
These domains have been associated with this attack. Never click links going to these addresses.
- medicare-enrollment-update.comMALICIOUS
- cms-benefits-verify.netMALICIOUS
- medicare-card-replacement.comMALICIOUS
- health-insurance-renew.netMALICIOUS
Glance automatically blocks emails from domains on this list. Domain list is not exhaustive — attackers register new domains continuously.
How Glance Stops This
- Domain similarity analysis catches lookalike sender addresses at millisecond speed
- SPF / DKIM / DMARC validation flags authentication failures before you ever see the email
- VirusTotal + Google Safe Browsing checks every link in real time
- Urgency language detection scores the email higher for manual review
- Known malicious domain blocklist updated continuously from live scan data
Don't wait to get hit.
Glance scans every incoming email against 12 detection layers — including the exact tactics described above — before it reaches your inbox.
Protect My Inbox — Free