4 cyberscams for hospitals to watch out for

2) Fake invoices
Business email compromise—in which a scammer infiltrates or spoofs legitimate email accounts to redirect money—is “one of the most financially damaging online crimes,” according to the Federal Bureau of Investigation.

In some cases, a scammer will break into a finance worker’s email account and spend weeks learning the patterns of when and how certain companies tend to send invoices. Then, they’ll set up a filter to automatically direct future invoices into a “trash” or “spam” folder—and either change the routing and bank account numbers before placing it back in the inbox, or generate their own message and invoice that looks the same, but with their own financial information.

If a scammer has infiltrated email addresses of top executives or supervisors, they can even create fake email exchanges pretending to approve the change in payment, to make it look more believable.

“It looks perfectly legitimate. The email is normal—the invoice looks great, no problems,” said Drex DeFord, healthcare executive strategist at cybersecurity consulting firm CI Security and a former health system chief information officer. So the employee processes the invoice and pays it.

To prevent against that type of scam, he suggested hospitals establish processes that flag changes to payment methods and confirm adjustments with vendors directly before processing.

“Have good processes built,” DeFord said. “If you follow (the) processes, it becomes way harder to fall for one of these scams.”

3) Fake email requests
Email phishing, where a cybercriminal sends a message while posing as a trusted source, such as a CEO, isn’t new. But scammers are getting more sophisticated in how they make their messages appear legitimate, reviewing previous messages from the person they’re imitating and gleaning information from social media to personalize the email.

They might imitate an employee’s direct supervisor or even an executive, while asking them to wire money for a supposedly pending transaction or to buy gift cards for an upcoming event.

Scammers sending phishing emails have also tried to prey on the urgency around the COVID-19 crisis, posing as if they’re selling gloves and masks amid a shortage of such supplies.

“A lot of the time, phishing emails are going to rely on a certain emotion,” said James McQuiggan, a security awareness advocate at IT security training company KnowBe4.

If something seems unusual, employees should be encouraged to trust their gut and double-check with executives to get a clear sign-off on the transaction they’ve been asked to make—particularly if it’s for a large sum of money. “Trust, but verify,” McQuiggan said. “Sometimes it takes a couple extra seconds to save what potentially could be millions lost.”

4) Fake job listings
Scammers will advertise job listings that organizations aren’t actually hiring for and work their way through a fraudulent hiring process—all the way through interviewing applicants and sending a fake job offer. The scammers then collect the victim’s personal and banking information when they accept the fake job.

Even though the scammers aren’t targeting hospitals directly in these scams, it can hurt an organization’s reputation.

Hospitals’ HR departments should regularly monitor mentions of the organizations’ job listings online in an effort to catch these scams, DeFord suggested. “If you’re mentioned, and it’s something like this, get on it right away,” he said, recommending hospitals report incidents to the FBI and local law enforcement. “Try to get these things nipped in the bud.”



Source link

Blog article

New conservative target: Race as factor in COVID treatment

Some conservatives are taking aim at policies that allow doctors to consider race as a risk factor when allocating scarce COVID-19 treatments, saying the protocols discriminate against white people. The wave of infections brought on by the omicron variant and a shortage of treatments have focused attention on the policies. Medical experts say the opposition […]

Read More
Blog article

CVS Caremark agrees to settlement over transaction fees

The Oklahoma Insurance Department has entered into a settlement agreement with CVS Caremark over transaction fees the pharmacy benefit manager charges pharmacists to process Medicare Part D and group health plan claims, the agency announced Thursday. The CVS Health subsidiary will pay $4.8 million to settle the alleged violations of the state’s Patient’s Right to […]

Read More
Blog article

How to choose a quality bong?

There are bongs around with just about any shape, size or color you can imagine. Unfortunately, most bongs on the market today do not live up to their expectations of smoothness and potency. The bong industry is flooded with bongs made of cheap glass with wild claims of functionality attached to them. Many users avoid […]

Read More