Fraud Warning

Fraud / Scam Alerts

The Internal Revenue Service (IRS) has alerted tax professionals and their clients to stay vigilant against IRS phishing emails, free offers, and other common tricks by scammers. Currently cybercriminals are combining several tactics to create a complex scheme that victimizes both tax professionals and taxpayers. The cybercriminal impersonates a legitimate cloud-based storage provider by sending an email that entices the tax professional to provide their logon credentials. With access to the tax professional’s account, the cybercriminal steals client email addresses. The cybercriminal then impersonates the tax professional and sends emails to their clients, attaching a fake IRS insurance form and requesting that the form be completed and returned. The cybercriminal receives replies by fax and/or by an email very similar to the tax professional’s email – using a different email service provider or a slight variation to the tax professional’s address. 

The subject line varies but may be “urgent information” or a similar request. The awkwardly worded text of the email states: 

Dear Life Insurance Policy Owner, 
Kindly fill the form attached for your Life insurance or Annuity contract details and fax back to us for processing in order to avoid multiple (sic) tax bill (sic). 

Security

What We Do –AIG’s Approach to Information Security 

AIG recognizes the importance of information security as a key element of maintaining a resilient business. To respond to the evolving threat landscape, AIG has adopted a risk-centric approach to information security. In simple terms, we focus on (i) protecting your information and (ii) ensuring the availability and security of your data.

AIG is committed to continually developing and honing our overall security capabilities and putting the security and safety of your data at the forefront of our efforts. For further information, please see our privacy notice

AIG seeks to:

  • Protect of your confidential information as required by law
  • Utilize appropriate measures to defend against any anticipated threats and hazards 
  • Utilize appropriate safeguards to provide protection against unauthorized disclosure, access, or misuse 
  • Adhere to data privacy laws and regulations applicable to your country

How AIG protects your accounts

At AIG, we take various measures to protect your account from unauthorized access. Below are some examples of measures we may utilize to better protect your information.

  • Intelligence Driven Risk Management: Dedicated professionals monitor information security intelligence, leverage information security tools, and enact processes and procedures designed to secure networks and access points. Threat intelligence plays a crucial role in our strategic business planning – with informed investments in security, our capabilities can align to counter the evolving threat landscape.
  • Data and Identity Access Management: We use identity and access management controls to help protect AIG’s information and systems through the management of worker access to systems and data. AIG remains focused on secure privileged access and enhanced authentication capabilities.
  • Proactive Security Practices: Having a proactive, defense-in-depth approach to our security efforts allows us to be more vigilant and adaptive to the evolving threat landscape. This approach helps us improve visibility into the AIG environment by establishing further transparency into cyber threats through maturing security monitoring capabilities and existing toolsets. We also work to enhance security vulnerability remediation by augmenting the security of internet-facing applications and improving overall cloud security.
  • Security Posture and Assurance: Validation of the AIG security posture is conducted using a multifaceted approach. Assurance is obtained from independent internal and external organizations to assess the effectiveness of our control environment. Issues are prioritized based on AIG’s defined risk criteria and tracked to remediation.
  • Workforce Training and Awareness: Protecting the safety, including the confidentiality, availability, and integrity of information assets is a priority at AIG. Whether we are working with customer data, employee data, or AIG proprietary information, AIG is committed to delivering ongoing user cybersecurity awareness training designed to help protect our assets and information.

What You Can Do to Protect Yourself

For more information, including for resources about measures you can take to better protect yourself against fraud and cyber crime, visit AIG’s Cyber & Information Security page. 

More Information

Insurance fraud can encompass any suspicious, fraudulent and/or illegal activity committed against AIG and related to AIG’s business. The most common types of suspicious activity and insurance fraud schemes are: claims fraud; underwriting/application fraud; provider fraud; premium fraud; producer / broker fraud and employee fraud.

Toward that end, AIG's Global Investigative Services maintains a Special Investigative Unit (SIU) consisting of a significant number of fraud investigators who are geographically dispersed and highly skilled at handling reports of suspicious insurance activity. The SIU investigates referrals, tips and leads as appropriate, and makes reports of suspected fraud to the authorities, as required, for further government investigation and potential prosecution.  AIG takes its responsibility as a partner in this overall fight against insurance fraud very seriously. These anti-fraud efforts are designed to safeguard AIG’s corporate assets, preserve the Company’s reputation, improve deterrence of fraud in the industry, and generally benefits our customers and the public.
     
Any person who suspects that Insurance Fraud against AIG is occurring, has occurred or will occur, should report the matter to AIG’s Global Investigative Services via e-mail to ReportFraud@aig.com or call (in the U.S.) 1-866-228-2436. to the extent tips and referrals are received, AIG takes every possible measure to keep all e-mails and calls confidential. AIG appreciates your critical assistance in this fight against insurance fraud.

Other Resources

Types of Insurance Fraud

Underwriting Fraud

Occurs where an insurance application or supporting documentation contains a material misrepresentation or omission of facts bearing on the nature or extent of the risk for which coverage is sought. It induces an underwriter to rely upon the misrepresentations and issue coverage or certain terms that otherwise would not have been issued had the true facts been known. It also may occur when insureds or producers issue false certificates of insurance to third parties who misrepresent the terms and conditions of an otherwise legitimate policy.

Premium Fraud

Occurs where an insured intentionally misrepresents facts related to the “exposure” upon which the underwriter has calculated, quoted and/or adjusted the premium in order to obtain a lower premium. For example, workers’ compensation premium fraud occurs when an insured misrepresents the amount of its remuneration, misclassifies its payroll and/or employees’ job functions, and/or misrepresents actual employees as independent contractors in order to exclude them for premium purposes.

Provider Fraud

Involves a legitimate or fabricated loss by the claimant, where the provider either fabricates the services provided, bills the carrier for more expensive services than was necessary or rendered, or makes referrals to other providers for unnecessary services.

Claims Fraud

Includes circumstances where a claimant has fabricated a loss, or has submitted a legitimate loss but intentionally misrepresents the nature or extent of the loss or associated damages.

Producer Fraud

Includes any scenario described above, if perpetrated primarily by a broker or agent, with or without the insured’s knowledge. It also includes instances where the producer steals the premium or had its license revoked or suspended but continues to engage in otherwise legitimate but unauthorized practices.

Internal Employee Fraud

Occurs where any alleged misconduct or suspicious, fraudulent and / or illegal activity suspected of being committed against AIG by an employee who either acts alone, or in concert with other third parties.