A follow-up to last week’s security email, because cybercriminals are stepping up their game.
Recently, we’ve received reports about suspicious account activity, including robocalls falsely claiming to be from Clarity and unrecognized changes to account information. And Clarity isn’t alone. Many benefit providers and financial institutions are seeing a similar surge in fraudulent activity.
While we already have robust security measures in place to protect your data, we’ve taken additional steps to strengthen our defenses and ensure your account stays secure. This article is meant to provide a deeper look into the current threat landscape and share what we’re doing to protect you.
It’s Not Just You, Attacks Are Surging Nationwide
Cybercriminals are becoming more organized and sophisticated. Here’s a snapshot of what’s happening across the industry:
- Phishing attacks targeting the financial sector rose 22% in 2024, making up 31% of all phishing activity worldwide. These emails often look legit and aim to steal login credentials or plant malware. (source)
- Business Email Compromise (BEC) scams led to $6.7 billion in global losses last year, using spoofed emails that convincingly mimic coworkers or company reps to trick people into transferring money or sharing sensitive data. (source)
- Call spoofing and voice phishing (“vishing”) are up 80% year-over-year, with scammers using robocalls and even AI-generated voices to impersonate support teams or financial reps. One recent scam used a deepfake video call to defraud a company out of $25 million. (source)
- Account takeover (ATO) fraud resulted in $15.6 billion in losses in 2024, up from $12.7 billion in 2023. These attacks involve unauthorized access to user accounts, leading to fraudulent transactions and data breaches. (source)
- In 2024, 99% of monitored organizations experienced ATO attempts, with 62% experiencing at least one successful attempt. (source)
How Do Fraudsters Get Personal Account Information?
We understand that participants may wonder: How are these attackers getting access to personal data in the first place?
Much of the personal information used in these scams is bought and sold on the digital black market — an underground network where stolen data is shared and repackaged by criminal groups.
Here’s how it typically works:
1. The Supply Chain of Stolen Data
Attackers harvest personal data — names, email addresses, Social Security numbers, and even login credentials — from a variety of sources:
- Data breaches at third-party companies (retailers, banks, healthcare providers)
- Phishing scams that trick individuals into handing over credentials
- Malware installed on personal devices through suspicious links or apps
This information is then sold in bulk on the dark web, often bundled with additional data to build complete “identity kits.”
2. AI + Automation = Smarter Attacks
With the help of AI, fraudsters can:
- Personalize phishing emails to seem more legitimate
- Clone voices or even video footage for phone or video scams
- Identify and exploit weak points in security faster than ever before
3. A Global Network of Criminals
These aren't isolated scammers — they’re often part of global fraud rings that:
- Share stolen data
- Exchange scripts and tools
- Operate call centers posing as legitimate institutions
So, when someone receives a convincing robocall or email that seems to “know too much,” it’s likely the result of this behind-the-scenes criminal ecosystem, not a direct breach of a specific provider.
Quick Recap: What Last Week’s Email Covered
We recently shared tips to help protect your account. Here's a brief reminder:
- Use strong, unique passwords and change them regularly.
- Monitor your account and report anything suspicious immediately.
- Be skeptical of unsolicited emails or calls, especially those requesting personal info.
- Always log in via the Clarity Portal or Mobile App.
- Treat your benefit card like a credit card — don’t share or store it carelessly.
- Avoid public Wi-Fi when accessing your account.
Watch the Domain — But Don’t Panic
Another important tip: always double-check the domain of the email sender. Fraudsters often use email addresses that look similar to legitimate ones, swapping a letter or using a fake domain to trick you.
For example, you might see something like @clar1tybenefitsolutions.com or @claritybenefitsolution.com, neither of which is from us.
We know this can get tricky because you may receive legitimate emails from Clarity that aren’t sent from @claritybenefitsolutions.com. That’s because we use secure, trusted platforms for specific types of communication, like:
- Transaction or claim information
- Account updates
- Secure document delivery
These platforms may send emails from different domains, such as wealthcare.com.
What to do if you’re unsure:
- Look for consistency in the content, formatting, and branding
- Check whether the message matches what you’re expecting from Clarity
- When in doubt, forward the email to our support team or contact us directly through the Portal or App
Bottom line: If something feels off — whether it’s the sender, tone, or timing — trust your instincts and verify it with us.
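For teams that want to automate the sender-domain check described above, the following is an added example, not Clarity's own code. It assumes an allowlist holding only the two domains named in this article; the function names, the distance threshold, and the sample addresses are constructed for illustration.

```python
# Added example: classify a sender address against a trusted-domain allowlist.
# TRUSTED holds only the two domains named in this article (assumption).
TRUSTED = {"claritybenefitsolutions.com", "wealthcare.com"}

# Common digit/symbol-for-letter swaps used in lookalike domains.
HOMOGLYPHS = str.maketrans({"1": "i", "0": "o", "3": "e", "5": "s", "$": "s"})


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance using a single rolling row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # deletion
                           cur[j - 1] + 1,             # insertion
                           prev[j - 1] + (ca != cb)))  # substitution
        prev = cur
    return prev[-1]


def classify_sender(address: str, max_distance: int = 2) -> str:
    """Return 'trusted', 'lookalike:<domain>', or 'unknown'."""
    domain = address.rsplit("@", 1)[-1].strip().lower().rstrip(".")
    if domain in TRUSTED:
        return "trusted"
    normalized = domain.translate(HOMOGLYPHS)
    for good in sorted(TRUSTED):
        # Character swap that normalizes to a trusted name, or a near miss.
        if normalized == good or edit_distance(normalized, good) <= max_distance:
            return f"lookalike:{good}"
        # Trusted name embedded in a longer, unrelated domain.
        if good in domain and not domain.endswith("." + good):
            return f"lookalike:{good}"
    return "unknown"


# Constructed sample addresses; the first two use the article's own examples.
SAMPLES = [
    "alerts@clar1tybenefitsolutions.com",
    "support@claritybenefitsolution.com",
    "notify@wealthcare.com",
    "no-reply@claritybenefitsolutions.com.example.net",
    "newsletter@example.org",
]

if __name__ == "__main__":
    for s in SAMPLES:
        print(f"{s:55} {classify_sender(s)}")
```

Subdomains of a trusted domain are reported as unknown rather than trusted, so they still get a manual check.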
What Clarity Is Doing to Keep You Safe
At Clarity, we take a proactive, layered approach to security, and in light of recent reports, we’ve added new safeguards to give you even more protection.
Here’s what we’ve put in place:
- Mandatory notifications for all participants
You are the first line of defense. That’s why we no longer allow participants to opt out of account alerts. Any time your information is updated — whether it’s a login, password, or contact detail — you’ll receive an automatic notification. Timeliness is key, and we want to make sure you have every opportunity to spot something suspicious before it escalates.
- Continuous monitoring and real-time fraud detection
Our systems are always on, scanning for unusual activity, logins, or transaction patterns.
- Data encryption and masking for sensitive information
All personal data, including Social Security numbers, is encrypted and only partially visible, even to internal teams.
- Confirmation emails for all account changes
If anything is changed, both the old and new email addresses are notified, so you’re never left in the dark.
- Compliance, training, and prevention
We maintain full compliance with HIPAA, SOC 2, and SOX regulations, and our team undergoes ongoing training to stay ahead of evolving threats.
- No robocalls — ever
If you receive a call that sounds automated or suspicious, it's not from Clarity. An actual team member will always be the one who reaches out.
Final Thoughts: You’re Part of the Security Team
Cybercriminals may be relentless, but so are we — and so are you. The more you know, the safer we all are. Staying alert, reporting anything suspicious, and taking small security steps each day can make a big difference.
If you ever feel unsure about a message, a call, or a transaction, don’t hesitate to reach out to us. It’s always better to double-check, and we’re always here to help.