FBI and HHS release Joint Cybersecurity Advisory

The Federal Bureau of Investigation (FBI) and the U.S. Department of Health and Human Services (HHS) have issued a joint cybersecurity advisory (CSA) to share known indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) associated with a social engineering campaign. The campaign focuses on healthcare, public health entities, and providers, recognizing healthcare organizations as prime targets for hackers due to their large scale, reliance on technology, access to personal health information, and the significant consequences of disruptions in patient care. ~Ann Ribeiro, Industrial Cyber News Editor

 

Beware of Phony TMB, DEA Agents

The Texas Medical Board (TMB) continues to warn physicians to be on alert for scams in which criminals pose as officials from TMB or other state and federal agencies.

“In some instances callers may claim to be employees with the Texas Medical Board, DEA, FBI or other law enforcement entity and may even attempt to spoof agency phone numbers or send documents on official-looking letterhead demanding money,” TMB said in its alert. “Please know the TMB would never call and make such requests for sensitive information over the phone or send demand letters for money to reinstate licenses or threaten the arrest of licensees. The TMB does not suspend licenses at the direction of the DEA, FBI or other federal entity. Additionally, the TMB has no authority to issue, cancel, or influence arrest warrants as some scams have indicated.” 

According to the DEA notice, the criminals mask their telephone number on caller ID by displaying the DEA Registration Support 800 number. A real DEA employee would not contact a registrant and demand money, or threaten to suspend someone’s registration over the phone, the DEA says. The FBI has issued similar fraud alerts.

If you receive such a call from someone claiming to be either a DEA or TMB official, report it using the DEA’s online extortion scam reporting form.

FBI Warns Healthcare Sector of Surge in Payment Scams

Cybercriminals are stealing multimillion-dollar payouts from healthcare payment processors by compromising user login credentials, the FBI warns the healthcare industry.

In recent incidents, cybercriminals used employees’ publicly available personally identifiable information and deployed social engineering techniques to impersonate care providers and gain access to healthcare portals, payment information and websites, the FBI says.

In April, an unnamed healthcare company with more than 175 medical providers discovered that a threat actor had posed as an employee and changed automated clearinghouse instructions of one of the entities’ payment processing vendors to direct payments to the cybercriminal.

“Cybercriminals are incredibly patient and have been known to spend months or longer learning about individuals and organizations in order to gain access, and then once they have access, further biding their time to gain more knowledge that allows them to increase the severity and magnitude of their crime,” he says.

Indicators of Compromise

The FBI advises entities to watch for any of a number of potential indicators that cybercriminals are attempting to gain access to user accounts.

The indicators include:

  • Phishing emails targeting the financial departments of healthcare payment processors;
  • Suspected social engineering attempts to obtain access to internal files and payment portals;
  • Unwarranted changes in email exchange server configuration and custom rules for specific user accounts;
  • Requests within a short time frame for employees to reset passwords and multifactor authentication phone numbers;
  • Employees reporting they are locked out of payment processor accounts due to failed password recovery attempts.
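
The reset, MFA-change and lockout indicators above can be checked against help-desk or identity audit events. The following is an added example, not code from the FBI advisory; the event names, tuple layout, 30-minute window and three-user threshold are assumptions, and the sample events are constructed.

```python
from collections import defaultdict
from datetime import datetime, timedelta

RESET = "password_reset_request"       # hypothetical event names
MFA = "mfa_phone_change_request"
LOCKOUT = "recovery_lockout"

# Constructed sample events: (ISO time, account, action). Not a real log format.
SAMPLE_EVENTS = [
    ("2024-05-01T09:00:00", "ap.clerk1", RESET),
    ("2024-05-01T09:04:00", "ap.clerk1", MFA),
    ("2024-05-01T09:06:00", "ap.clerk2", RESET),
    ("2024-05-01T09:09:00", "ap.clerk2", MFA),
    ("2024-05-01T09:12:00", "ap.clerk3", RESET),
    ("2024-05-01T09:30:00", "ap.clerk1", LOCKOUT),
    ("2024-05-03T14:00:00", "nurse7", RESET),   # isolated reset, should not alert
]

def find_indicators(events, window=timedelta(minutes=30), burst_users=3):
    """Return sorted (indicator, account(s)) findings for the listed indicators."""
    parsed = sorted((datetime.fromisoformat(t), u, a) for t, u, a in events)
    findings = set()
    last_seen = defaultdict(dict)   # account -> {action: time of latest request}
    recent = []                     # (time, account) of requests inside the window
    for ts, user, action in parsed:
        if action == LOCKOUT:
            # Employee locked out after failed password recovery attempts.
            findings.add(("recovery_lockout", user))
            continue
        if action not in (RESET, MFA):
            continue
        # Same account asks for a password reset and a new MFA phone close together.
        last_seen[user][action] = ts
        prev = last_seen[user].get(MFA if action == RESET else RESET)
        if prev is not None and ts - prev <= window:
            findings.add(("reset_and_mfa_change", user))
        # Several different accounts make such requests in a short time frame.
        recent = [(t, u) for t, u in recent if ts - t <= window] + [(ts, user)]
        users = sorted({u for _, u in recent})
        if len(users) >= burst_users:
            findings.add(("reset_burst", ",".join(users)))
    return sorted(findings)

if __name__ == "__main__":
    for finding in find_indicators(SAMPLE_EVENTS):
        print(finding)
```

Findings are triage leads for the help desk to verify with the employee through a known-good contact channel before any reset or phone-number change is completed.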