FBI has cautioned amid increasing targeted healthcare payment attacks that is a malicious effort to veer the amount in the account owned by attackers using sophisticated technology and applications.
For such attacks, attackers depend on publicly-available personally identifiable information (PII) and social engineering to impersonate victims and access payment information, healthcare portals, and more.
“Recent reporting indicates cybercriminals will continue targeting healthcare payment processors through a variety of techniques, such as phishing and social engineering, to spoof support centers and obtain user access,” the FBI warns.
One of the earlier incidents that alarmed the healthcare field is when attackers diverted $ 3.1 million from victims’ payments after using compromised credentials to change the direct deposit banking information to an account they own.
In the same month, the same method was used in another attack to steal approximately $700,000.
In April 2022, an attacker diverted roughly $840,000 to the cyber criminal account. He portrayed himself as an employee of a healthcare company that has over 175 medical providers and changed Automated Clearing House instruction at payment processing.
According to the data presented by the FBI at least 65 healthcare payment processors in the US were targeted between June 2018 and January 2019. This led to the diversion of money to the account of cyber attackers. The biggest of all is when a victim loses $1.5 million.
This is no less than a serious caution to people by the FBI who are involved in healthcare payment processes.
