Updates from July, 2025 Toggle Comment Threads | Keyboard Shortcuts

  • Geebo 8:00 am on July 2, 2025 Permalink | Reply
    Tags: , , PHI, ,   

    Fake Health Investigators Target You 

    By Greg Collier

    The Federal Bureau of Investigation has issued a warning about a new wave of scams where cybercriminals impersonate health fraud investigators. As detailed in a report from Bleeping Computer, these schemes are designed to trick both patients and healthcare providers into surrendering sensitive data, including medical and financial records.

    According to a recent advisory from the agency, fraudsters are posing as legitimate health insurers or members of investigative teams. Victims are contacted through emails or text messages crafted to appear authentic. The goal is to pressure individuals into sharing protected health information or personal financial details. In some cases, the messages claim the recipient must provide reimbursements for supposed overpayments or services not covered by insurance.

    The messages typically mimic the language and branding of trusted healthcare entities, making them difficult to distinguish from genuine communications. Once the information is obtained, it can be used for a range of criminal activities, including identity theft and insurance fraud.

    Federal agencies recommend taking caution with any unsolicited messages requesting personal or medical information. They advise verifying the authenticity of such communications by contacting the insurer directly. Security experts also emphasize the importance of strong passwords and Multi-Factor Authentication to protect against account breaches.

    The healthcare sector remains a frequent target of these attacks. In a separate notice, the Department of Health and Human Services highlighted how attackers are using social engineering to exploit IT help desks at healthcare organizations. By gaining internal access, they can reroute financial transactions through business email compromise tactics, often with devastating results.

    As impersonation scams evolve, public awareness and vigilance remain key defenses. Verifying communications and safeguarding personal data can help prevent falling victim to schemes that increasingly blur the line between real and fake.

     

  • Geebo 8:26 am on July 1, 2025 Permalink | Reply
    Tags: , , , ,   

    Brushing Scams Start at Your Door 

    Brushing Scams Start at Your Door

    By Greg Collier

    A surprise package on your doorstep may seem like a harmless fluke or a lucky mistake. But if you didn’t order it, it could be a warning sign that your personal information has fallen into the wrong hands.

    The U.S. Postal Service is raising awareness about a growing fraud known as a brushing scam. These scams involve third-party sellers sending unsolicited, low-cost items, such as socks, kitchen gadgets or trinkets, to real names and addresses. While the package itself might appear innocuous, its arrival often means that your name, address and possibly more sensitive data are already circulating among cybercriminals.

    At the heart of this scheme is a tactic used to game online retail platforms. After sending out items, the scammers leave positive reviews in the recipient’s name to boost the product’s visibility. This process creates fake but “verified” buyer accounts. It may start with a small item, but experts warn that brushing scams are rarely isolated incidents. The presence of such a package suggests that personal data may have been scraped, bought, or stolen from compromised databases.

    The concern doesn’t end with phony reviews. The misuse of your identity in this way can indicate a much broader security issue. Stolen data can be used to commit financial fraud, steal identities, impersonate users, or circumvent authentication protocols on secure accounts. With information like your full name, home address, and even phone number, scammers can initiate phishing campaigns, open unauthorized accounts or execute social engineering attacks.

    If you receive a package you did not order, it’s important to take it seriously. While there may not be an immediate financial loss, the presence of such a package can indicate that your personal information is at risk. It’s recommended to report the incident to the U.S. Postal Inspection Service, monitor financial and retail accounts for irregularities, and take precautions such as changing passwords. Even if fraud hasn’t occurred yet, these steps can help prevent future harm.

    One important note is to avoid engaging with the package in any way. Scanning QR codes, leaving reviews, or attempting to return the item may confirm to the sender that your address is valid, potentially inviting further contact or exploitation. Some scammers may include counterfeit postage or links to malicious websites, further complicating matters.

    Treat any unexpected delivery with caution. A mystery box might seem like a minor curiosity, but it can be the first clue that your identity is being used without your knowledge. By staying vigilant and proactive, you can reduce the risk of falling victim to a larger and more damaging scam.

     

Newer posts →

c
Compose new post
j
Next post/Next comment
k
Previous post/Previous comment
r
Reply
e
Edit
o
Show/Hide comments
t
Go to top
l
Go to login
h
Show/Hide help
shift + esc
Cancel