Scammers are targeting both patients and health care providers in a new phishing attack designed to steal your sensitive personal and financial data, according to a new alert from the FBI.
As reported by BleepingComputer, the federal law enforcement agency recently put out a public service announcement warning that scammers and other cybercriminals are currently impersonating health insurance companies and their respective fraud investigators in an effort to steal customer data.
According to the FBI, the scammers behind this new campaign are sending out phishing emails and text messages with the hope that potential victims will disclose their “protected health information, medical records, personal financial details” or even provide “reimbursements for fake service overpayments or non-covered services.”
Brand impersonation is nothing new for cybercriminals, but by targeting patients directly, they might be able to trick some people into giving up the kind of information that can be used to commit fraud or even medical identity theft.
Given that providing sensitive healthcare information via email or text is a clear HIPPA violation in most cases, this is a major red flag that you’re not dealing with an actual health insurance company or even their fraud investigators.
Still, for the FBI to issue a public service announcement, this means that this isn’t the type of threat to take lightly and that some patients and even health care providers have fallen for this phishing attack.
How to stay safe from phishing
To help Americans avoid falling victim to this new phishing scam, the FBI has provided some guidance on the matter in its public service announcement.
For starters, you should always be wary of unsolicited emails, text messages and calls asking for your personal information. Likewise, if you do come across one of these emails or messages, you shouldn't click on any links they contain as they could be malicious.
To keep your medical accounts safe from scammers and hackers, you want to use strong and unique passwords for all of them. You never want to reuse a password and if you have trouble coming up with complex passwords for your accounts or remembering them, you might want to consider using one of the best password managers instead.
Since phishing messages could contain malware or other viruses, you want to make sure that you’re using the best antivirus software on your Windows PC or the best Mac antivirus software on your Apple computer.
There’s a lot that hackers and scammers can do with sensitive medical information and personal data, so I doubt this is the last time we will see an attack like this. For this reason, you want to make sure that you’re extra careful when dealing with any emails or text messages claiming to come from your healthcare provider.
