Online scammers are using cunning new strategies to lure physicians and others into exposing personal information and patient data, American Medical News reports.
Phishing scams typically involve fraudulent e-mails designed to solicit information such as logins, passwords and financial information. The e-mails also could include links to fictitious Web sites or attachments containing computer viruses.
For example, a recent slew of fake CDC e-mails asked users to register online at a vaccine database. CDC officials issued an alert about the scam and warned that the e-mails likely included links to malicious software downloads.
In addition, some scammers have started targeting specific populations by pretending to be a party that regularly exchanges information with the users. These targeted scams, nicknamed "spearphishing," often are more difficult to detect than other types of fraud.
For example, a spearphishing hacker might pose as a familiar insurance company, IT administrator or technology vendor to request sensitive information from physicians and other health workers.
How To Fight Phishing
To prevent hackers from obtaining access to personal data, experts recommend that physicians:
- Alert officials immediately about a suspected scam;
- Be wary of e-mails containing attached files;
- Call to verify sources when an e-mail seeks personal information;
- Keep staff informed about possible scams;
- Stay alert to e-mails from unfamiliar companies; and
- Use bookmarks instead of clicking on e-mailed links.
In addition, experts recommend reminding patients that the physician practice will never request personal information through e-mail (Lewis Dolan,
American Medical News, 1/25).