AHA: Rise in Scams Targeting IT Help Desks for Payment Fraud
American Hospital Association Warns of Social Engineering Schemes
Marianne Kolbasuk McGee (HealthInfoSec) • January 18, 2024
Read the full article in Healthcare InfoSecurity here:
Health-ISAC pulled quotes:
Errol Weiss, chief security officer at the Health Information Sharing and Analysis Center, said that Health-ISAC has been aware of IT help desk social engineering schemes targeting the health sector entities since mid-2022, while variations of the scams have been happening even longer in some other industries.
“Ten years ago in the banking sector, I saw cybercriminal groups use these same social engineering tactics to obtain sensitive information, get access to company accounts, and use all that to perpetrate fraud,” he said.
“The threat actors call the help desk to gain unauthorized access to corporate accounts and sensitive information. The information is typically used to further scams or fraudulent activity like business email compromise,” he said.
“It’s the same scam today, just leveraging helpful IT help desk support staff,” Weiss said.
Moving forward, AI-fueled attacks, including those involving deepfakes, potentially make matters even more difficult for entities to detect and prevent falling victim to social engineering schemes.
“The problem is: IT help desks are being fooled by threat actors to reset MFA credentials and send them authorization codes,” Weiss said.
“Organizations can implement more thorough checks like having the employee’s supervisor validate the request or use technology like voice recognition to enhance the process,” he said.
- Related Resources & News
- Health-ISAC Hacking Healthcare 10-15-2024
- Health-ISAC Welcomes Booz Allen Hamilton to the Ambassador Program
- Health-ISAC Hacking Healthcare 10-9-2024
- Monthly Newsletter – October 2024
- Health ISAC leads effort to transform SBOM information sharing under CISA-facilitated community work
- CyberEdBoard Insights: Phil Englert and Errol Weiss
- Health-ISAC Hacking Healthcare 9-10-2024
- Strengthening Healthcare Cybersecurity: Lessons from Recent Supplier Attacks
- Specialize in Securing Critical Infrastructure
- How AI is transforming cybersecurity, on defense and offense