When you request a reimbursement from your healthcare provider, it may be completed through a third-party payment processor. These payment processors often offer direct deposit payments so you can get reimbursed as soon as possible. Unfortunately, cybercriminals can use social engineering to try to steal your reimbursement.
In a recent scam, cybercriminals are sending phishing emails that appear to be related to an active reimbursement request. The emails ask you to verify your request number and other identifying information to finish processing your request. If you provide this information, cybercriminals can use it to gain access to your account by verifying your identity. Then, they can update your direct deposit information to redirect payments to their own bank accounts.
Follow these tips to stay safe from healthcare claim scams:
- Never click a link in an email that you aren’t expecting. Contact the payment processor directly by using a known phone number or email address.
- Watch out for notifications that your account information, such as direct deposit information, was changed.
Always enable multi-factor authentication (MFA) on your accounts when available. MFA adds a layer of security by requiring that you provide additional verification to log in to your account.
Stop, Look, and Think. Don’t be fooled.
Protect your network! Learn more about security awareness training for your team.