Hackers steal health care payments by diverting them to bank accounts under their control, the FBI warns.
The Bureau was forced to issue a warning after more than $4.6 million was stolen in three separate incidents in which criminals sent phishing emails or people working in payment processors and finance departments impersonated support center employees.
Through phishing emails and calls, the attackers tried to get victims to give away login details of healthcare portals, websites and the like. Then they logged into people’s accounts and changed the payment details. That way the payment goes to the wrong account once.
In addition to phishing, the threat actors also edit Microsoft Exchange server settings and create custom rules to track which emails go in and out of the target’s inbox.
Of the three incidents, one occurred when login credentials from a ‘major healthcare company’ were used to replace a hospital’s banking information with those of the attackers. A total of $3.1 million was lost. In another incident, the thieves made off with some $700,000, while in the third incident, an attacker impersonated an employee, changed the Automated Clearing House (ACH) instructions and took $840,000.
To protect against such attacks, healthcare organizations and payment providers must first and foremost educate their employees about the dangers of phishing and ensure they have strong, hard-to-crack passwords that they won’t share with friends, family, or leave lying around on a piece of paper. on their desk. In addition, they should be wary of any changes to the email server that were unplanned or seem logical.
They should also be suspicious of any employee who requests a password reset, a phone number reset for MFA, within a short period of time, the FBI concluded.
Via: BleepingComputer (opens in new tab)