I am constantly amazed at how sophisticated attacks have become targeting the healthcare industry. We’re talking big money – millions of dollars – of ransomware payments made by hospitals. Insurance companies paying huge settlements from breaches exposing patient data.
This year, it’s been a riot of attacks targeting healthcare organizations and consumers. Organized syndicates have capitalized on our COVID pandemic fears and situations. They’re succeeding and unfortunately, it’s not stopping.
Federal regulatory agencies loosened restrictions around telemedicine to allow for remote and virtual care via video conferencing applications (Zoom, FaceTime). Patients received their care and proceeded to share their medical information and payment transactions online from their mobile or computing devices.
The rise of digital medical devices, patient wellness applications, and third-party health intermediaries came into active play. Combined, these situations opened new attack methods and exposed vulnerabilities used by criminals. Their malicious activities succeeded in stealing valuable Social Security numbers, financial information, insurance numbers and even passwords.
So how are they accomplishing this? Same way as they always have, through phishing, email scams, telemarketing calls, text messages, fake websites and scams on social media platforms. Here are some examples of recent cyber activities. It’s not an exhaustive list yet everyone should be on high alert for these types of attacks.
- Scams about COVID-19 self-testing kits
- Fake emails selling COVID-19 related medications or fake healthcare benefits
- Fake offers of COVID-19 tests to Medicare beneficiaries in exchange for personal info
- Spoofing phone scams where criminals pose as healthcare workers
- Fake COVID-19 cures or treatments sold online
- Phishing emails under guise of communications from the World Health Organization or the Centers for Disease Control and Prevention
- Fake charities and non-profits raising money and COVID relief support
- Scams around annual healthcare enrollment
So what can you do to protect yourself.
- Be suspicious of any unexpected calls or visitors offering COVID-19 tests, supplies or medical assistance. If you receive a suspicious call, hang up immediately.
- Do not respond to, or open hyperlinks in, text messages, social media or emails about COVID-19 from unknown individuals.
- Ignore offers or advertisements for COVID-19 testing or treatments on social media sites.
- If you make an appointment for a COVID-19 test online, ensure the location is an actual testing site.
- Do not give your personal or financial information to anyone related to COVID-19 unless verified, authentic medical practioner or healthcare institution.
- Be aware of scammers pretending to be COVID-19 contact tracers, insurance claim personnel or third-party healthcare professionals unless carefully vetted.
- For telemedicine session, use a secure wifi connection and keep anti-virus software updated.
Final words, stay safe, wear a mask and be healthy! We’re here to help.
Subscribe To Our Newsletter!
The best source of information for Security, Networks, Cloud, and ITOps best practices. Join us.
Thank you for subscribing!