The FBI issued a security alert regarding a rise in phishing and social-engineering scams targeting both patients and healthcare providers, where criminals pose as health insurers. These fraudulent communications seek sensitive data, like medical records and bank account information. Experts highlight that the healthcare sector's complex processes make it particularly vulnerable to such schemes, compounded by criminals using previously leaked data to enhance their credibility. The FBI emphasizes the importance of verification when receiving requests for sensitive information.
Criminals masquerading as insurers are tricking patients and healthcare providers into handing over medical records and bank account information via emails and text messages, according to the FBI.
The messages are designed to pressure victims into disclosing protected health information, medical records, personal financial details, or providing reimbursements for alleged service overpayments or non-covered services.
They use stolen information - anything from a partial SSN to the details of a recent vendor transaction - to build a false sense of trust with their target.
The single most effective defense is to verify requests out-of-band.
Collection
[
|
...
]