FBI warns hackers are stealing healthcare payments

Healthcare payments are being diverted, FBI says

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Hackers are stealing healthcare payments, by diverting them to bank accounts under their control, the FBI is warning.

The Bureau was forced to issue a warning after more than $4.6 million was stolen in three separate incidents where criminals would send outphishingemails, or reach out to people working at payment processors and financial departments, pretending to be support center employees.

Through phishingemailsand calls, the attackers would try and get the victims into giving away login credentials from healthcare portals, websites, and similar. After that, they’d log into people’s accounts and change payment information. That way, once the payment goes through, it goes to the wrong account.

Major incidents

Besides phishing, the threat actors are also editingMicrosoftExchange server settings and creating custom rules in order to keep track of emails going in and out of the target’s inbox.

Of the three incidents, one happened when credentials from a “major healthcare company” were used to replace a hospital’s direct deposit banking information with that belonging to the attackers. In total, $3.1 million were lost. In another incident, the thieves made away with some $700,000, while in the third, an attacker impersonated an employee, changed the Automated Clearing House (ACH) instructions, and took $840,000.

SaaS platforms are facing more phishing attacks than ever>This Facebook Messenger phishing scam may have trapped millions of users>These are the best endpoint protection services right now

To defend from such attacks, healthcare organizations and payment providers should, first and foremost, educate their employees on the dangers of phishing, and make sure they have strong, hard-to-break passwords that they don’t share with friends, family, or leave lying around on a slip of paper on their desks. Furthermore, they should be wary of any changes to the email server that weren’t planned, or seem logical.

They should also be suspicious of any employee requesting a password reset, a phone number reset for MFA, within a short period of time, the FBI concluded.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Via:BleepingComputer

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Windows PCs targeted by new malware hitting a vulnerable driver

Dangerous Android banking malware looks to trick victims with fake money transfers

Latest Google Pixel update includes surprise launch of Android 15’s best battery feature