The Delaware Department of Insurance published a bulletin warning licensees of a phishing campaign targeting National Insurance Producer Registry (NIPR) clients.
The emails typically claim that the client has a past-due invoice from NIPR, and appear to come from an official domain such as @nipr.com, @naic.org, or @stripe.com. NIPR warns that if you receive a suspicious email, do not open any attachments or any links, and do not submit payments.
Warning signs to look for in emails include receiving an unexpected invoice, urgent language demanding immediate payment, hyperlinks that lead to unofficial domains, and misspellings and unusual formatting.
Licensees should report suspicious emails to their IT department, and ensure staff are trained to recognize phishing attempts. If unsure about the authenticity of an email received from NIRP, producers can contact NIRP directly at [email protected].
The bulletin can be found here.