AHA: Rise in Scams Targeting IT Help Desks for Payment Fraud

American Hospital Association Warns of Social Engineering Schemes
Marianne Kolbasuk McGee (HealthInfoSec) • January 18, 2024
Read the full article in Healthcare InfoSecurity here:
Health-ISAC pulled quotes:
Errol Weiss, chief security officer at the Health Information Sharing and Analysis Center, said that Health-ISAC has been aware of IT help desk social engineering schemes targeting health sector entities since mid-2022, while variations of the scams have been happening even longer in some other industries.
“Ten years ago in the banking sector, I saw cybercriminal groups use these same social engineering tactics to obtain sensitive information, get access to company accounts, and use all that to perpetrate fraud,” he said.
“The threat actors call the help desk to gain unauthorized access to corporate accounts and sensitive information. The information is typically used to further scams or fraudulent activity like business email compromise,” he said.
“It’s the same scam today, just leveraging helpful IT help desk support staff,” Weiss said.
Moving forward, AI-fueled attacks, including those involving deepfakes, could make it even more difficult for entities to detect social engineering schemes and avoid falling victim to them.
“The problem is: IT help desks are being fooled by threat actors to reset MFA credentials and send them authorization codes,” Weiss said.
“Organizations can implement more thorough checks like having the employee’s supervisor validate the request or use technology like voice recognition to enhance the process,” he said.