Security
Security Measures
Protect Your Passwords
Make your passwords as obscure or abstract as possible. Avoid obvious numbers and words, such as a maiden name, birth date, or an anniversary, which would be easy to guess. Never divulge your passwords to anyone, including family or friends.
Don't E-Mail Personal or Health Data
Most email is not secure or encrypted and should not be trusted to send personal or financial information. Email you send from within Member Central (after you have logged in) on Bluecrossma.com, however, is encrypted. This is the most secure way to contact us online. Otherwise, call to speak to a representative.
Steps Blue Cross Blue Shield is taking to Protect You
-
Customer Access to Account Information
No matter how you contact Blue Cross Blue Shield of Massachusetts—online, or by phone—we verify your identity before granting you access to your information. -
Timed Log-Off
Bluecrossma.com automatically logs you off after an extended period of inactivity. This reduces the risk that others could access your information from your unattended computer. -
Firewalls
To block unauthorized access, all our computer systems are protected by firewalls, electronic barriers that prevent unauthorized access to our networks.
Encryption
Blue Cross Blue Shield of Massachusetts employs some of the strongest methods of encryption commercially available today. All online activity involving personal or sensitive information is encrypted from the point it leaves your computer until it enters our systems. For your general online security, be sure you see the letter "s" at the end of "https" at the beginning of the URL address before entering any sensitive information, indicating the site is secure (e.g., "https://www.bluecrossma.com"). Similarly, another indication that a website is secure is a padlock icon in the lower right corner of your browser.
Phishing
Protect Yourself from Phishing Scams
Phishing is the mass e-mailing of messages that falsely cl aim to come from a legitimate business. These messages often provide links to phony Web sites, where you are asked to supply personal information such as passwords, credit card numbers, Social Security numbers, or bank account numbers.
Finally, know that Blue Cross Blue Shield of Massachusetts will never e-mail you requesting that you confirm your personal information or password.
Never enter personal information unless you are sure the website is legitimate. You should also be certain the site is encrypted. Look for the letter "s" at the end of "https" at the beginning of the URL address. An example of such a URL address is "https://www.bluecrossma.com." This ensures that the site is running in secure mode.
How to Recognize Phishing E-Mail
Phishing messages have evolved drastically over the last year, and they are often difficult to recognize. The creators now incorporate realistic company logos and graphics, provide links to the real company's privacy policies, and even include "legal disclaimer language" at the bottom.
To help determine if email is part of a phishing scam, ask yourself the following:
-
Do I have a relationship with this company?
-
Would I expect this company to contact me this way?
-
Would I expect this company to use this tone or make this request?
If you are at all unsure, contact the company by phone.
How to Protect Yourself from Malware and Viruses
Common types of malware are:
Spyware
Software that may be installed on a computer without the user's consent to monitor use, send pop-up ads, redirect a computer to certain websites, or record keystrokes, which could lead to identity theft.
Trojans
Software disguised to perform one legitimate action, but actually performs another often malicious one such as enabling unauthorized people to access the affected computer through a backdoor and sometimes to send spam from it.
Viruses
A program that is attached to a file or program so it can spread from one computer to another often without the user's knowledge — often through an e-mail attachment. Some viruses are programmed to be extremely damaging, while others are programmed to have annoying effects.
Steps you can take to protect yourself from these types of dangers are:
-
Create a hard to guess password and make it unique
-
Change your password periodically
-
Keep your browser and Operating System up to date
-
Update your anti-virus software regularly
-
Use a personal firewall
Update on the Shellshock Bash Software Vulnerability
We are aware of the recent vulnerability from the Shellshock Bash software bug. Our analysis shows that no data has been compromised due to this vulnerability. We will continue to monitor all of our systems and take this threat seriously. The security and privacy of your data is of the utmost importance to us.
Unsupported Applications
For security reasons to guard the safety of your data, access to this website is limited to SSL-capable browsers such as:
-
Internet Explorer 6.0+ (download: Windows)
Under no circumstance should you use any software, program, application or any other device to access or log-in to this website, or to automate the process of obtaining, downloading, transferring or transmitting any content to or from our computer systems, website or proprietary software.
Browsers & Security
Any time you enter or provide personal information on this website, it is encrypted using Secure Socket Layer ("SSL") technology. SSL protects information as it crosses the Internet. To support this technology, you need an SSL-capable browser. It is recommended that you use a strong encryption, 128-bit browser such as Microsoft's Internet Explorer 9 or higher or Firefox 4 or higher. These browsers will activate SSL automatically whenever you begin shopping for a plan on this website and when you return to this website to complete an application.
You can tell if you are visiting a secure area within a website by looking at the symbol on the bottom of your browser screen. If you are using Internet Explorer, Firefox or Chrome, you will see either a lock or a key. When the padlock is in the locked position, your session connection is taking place via a secure server.
If you need a strong encryption browser please download one of the following browsers:
-
Internet Explorer 6.0+ (download: Windows)
The use of beta browser versions is not recommended.
Links to Other Internet Sites
This site also includes links to other Internet sites. These links are provided as a convenience only. Blue Cross Blue Shield of Massachusetts does not endorse the products or any of the views expressed in these other sites. Nor does Blue Cross Blue Shield of Massachusetts warrant the accuracy of any of the information in these other sites. The sites are owned and controlled by other parties and each will have its own privacy and security policies, which may differ from those of Blue Cross Blue Shield of Massachusetts. Your access to and use of any other Internet sites, including the information, services, products, and materials on them, is solely at your own risk.