Cybercriminals are employing aggressive tactics to steal personal information to commit healthcare fraud. The FBI issued a warning last week to alert the public and the healthcare industry about these rising risks.

Aggressive Tactics of Healthcare Fraud

The tactics include every means of communication: phone calls, texts, and email. They often look and sound real, even familiar, to the person receiving the message. Cybercriminals are sophisticated and will often impersonate trusted sources, such as insurance companies, healthcare providers, or credit card companies. They’ll use emotional tactics to create a sense of urgency.

From the FBI:

“These criminals are sending emails and text messages to patients and health care providers, disguising them as legitimate communications from trusted health care authorities.”

The tactics include high pressure:

“The messages are designed to pressure victims into disclosing protected health information, medical records, personal financial details, or providing reimbursements for alleged service overpayments or non-covered services.”

Healthcare Fraud is a Federal Crime

Healthcare fraud is profitable which is why it remains such a high risk for patients and providers. Yesterday the U.S. Department of Justice announced the takedown of 324 defendants with criminal charges for healthcare fraud.

The defendants include 96 doctors, nurse practitioners, pharmacists, and other licensed medical professionals, in 50 federal districts and 12 State Attorneys General’s Offices across the United States, for their alleged participation in various healthcare fraud schemes involving over $14.6 billion in intended loss.

According to Becker’s Hospital Review the largest of the schemes, known as Operation Gold Rush,

“involves the biggest alleged loss in any healthcare fraud case brought by the department. The $10.6 billion scheme involved 19 defendants — 12 of whom have been arrested, including four in Estonia. Prosecutors say the group used foreign straw owners, including individuals sent to the U.S., to buy dozens of medical supply companies. They allegedly submitted a surge of fraudulent Medicare claims for urinary catheters and other durable medical equipment using the stolen identities and medical data of more than 1 million Americans.””

HIPAA Training Strengthens Defenses

The workforce in an organization is the first line of defense against cybercrime. Employees who are aware of cyber tactics can stop an attack before damage is done if they know what to look for and how to react.

HIPAA requires covered entities and business associates to train their workers about safeguarding patient privacy. Cybersecurity awareness training must be included.

Today, cybersecurity awareness training should be part of every school curriculum, since everyone is potentially a target.

Tips to Prevent Healthcare Fraud

The FBI warns:

• Be suspicious of unsolicited messages, emails, texts, and calls requesting personal information.
• Never click on links that are included in suspicious and/or unsolicited emails.
• Use strong passwords and enable Multi-Factor Authentication for all accounts.
• Keep operating system software updated and use antivirus software on all devices.
• Always contact your health insurance provider directly to verify the legitimacy of any messages before sharing personal or health care information.