What Email Scams Look Like and How to Avoid Them
We have all seen the huge healthcare industry breaches in the news recently, from the 11 million member breach of Premera Blue Cross to the 80 million member breach of Anthem. However, what a lot of practices don’t realize, or are in denial about, is that this also is happening at dental offices, daily. Small healthcare organizations are specifically targeted for two reasons: first because they fail to upgrade their cybersecurity as quickly as other businesses and second criminals find personal patient information particularly valuable to exploit. Cyber-criminals are paid $20 for health insurance credentials compared to only $1 to $2 for credit card numbers. Additionally, we have seen hackers change direct deposit information and payment transmittals to vendors once they hack into the system.
The primary way cyber-criminals get into systems is via phishing emails. These phishing emails are getting creative, so you or your staff may not always be able to pick the rotten apple out of an already crowded inbox. Here are some examples of what those suspicious emails might look like and how to avoid falling for their traps.
- Re-Used and Recycled Scams
There are a number of email scams that have been in circulation for many years. Fraudsters often recycle proven strategies with slight alterations to their stories, so be on the lookout for these common fraudulent emails.
- Phony business opportunities
- Chain letters
- Random opportunities that let you “work-at home”
- “Easy” or “free” money or goods
- Loans or credit that are just too good to be true
- Opportunities to invest
- A “Long-Lost Friend” asking for money
- Phishing for Your Information
Phishing is defined as a scam used to steal your information. A lot of this data could be extremely valuable and include credit cards, social security numbers, usernames and passwords.2 With just a small amount of material, phishers can gain access to your money and even more of your personal information. A simple way to avoid falling for any of these scams, is to not send any requested information by email. Just log in to your member account or give the service center a call to verify any requests. Phishing comes in many forms, but here are some examples of how it could present itself in your email inbox.
- A Billing Issue
- Your Account is Expiring
- Bank Notifications
- Security Verifications
- Be Suspicious of Links
It may seem like second nature to click on the shipment inquiry from UPS, but make sure you think before you click. If you receive an email that you did not request, be wary of any links or attachments included. One accidental click can download a package to your computer that opens the door to harmful viruses. It is very easy for someone to type ups.com and attach a completely unrelated and harmful link. A good way to check on this is to hover over the link before clicking on it. This should let you see where the link will really take you.3 Here are some examples of links you should always think twice about before clicking.
- You’ve won a contest!
- Your UPS/FedEx Package is undelivered.
- You’ve been infected with a computer virus!
- Here is my resume.
- Suspicious Government Emails
These emails appear as if they come from government agencies, such as the IRS, FBI or HHS. They ask for personal information or claim that you owe money while using the names of these agencies to legitimize their requests. We have even some that suggest the practice is being investigated for violations. Realistically, if any of these government agencies want to get in touch with you, they would do so in a much more formal manner. A cryptic email would not be their first means of communication.
It is important to be aware of the many ways that you could be scammed and also to train your staff on what they should and should not open. Just one security slip-up could lead to HIPPA violations, stolen patient records and thousands of dollars in loss, so remember to stay skeptical and when in doubt, don’t click, just delete!
Dentist Insurance Services’ experienced staff is ready to get to work for you. If you need a review of your current insurance policies or would like to know more about cyberliability insurance coverage – call us at 800.877.7597 or e-mail [email protected]