Text message scams are the new threat dentists, and oral care professionals face in today’s cyberspace.
Key points from the article:
Phishing attacks through text messaging have become more familiar with the proliferation of smartphones, and clinics could be the following targets for scammers. Text message scamming (smishing) is contacting unsuspecting victims while attempting to trick them into providing their personal or financial information through social engineering tactics.
Most text message phishing scams are quick and easy as technology advances, and dentists and oral care professionals are the next possible targets. It doesn’t require human resources or expensive technology to set up, and the payoff is often immense if it pays off.
Whether in terms of stealing patient records or financial information, gaining access to dental IT systems, or using ransomware to force dentists to pay hundreds of dollars to regain access to their systems, text message scams can be devastating.
Admittedly, almost any business is vulnerable to phishing attacks. Scammers are constantly devising new, more advanced ways to attack their victim’s weakest link in the security chain – people. Even sophisticated tools like antivirus software and firewalls cannot help against text message phishing if one of your staff unwillingly reveals their passwords or sends money to a fraudulent group or entity.
Imagine the repercussions if your Endpoint Detection & Response (EDR) software is compromised. Hackers could steal crucial patient data, confidential financial information, medical records, etc. The overall damage to your dental clinic could be catastrophic.
Such breaches may even result in breaching Health Insurance Portability and Accountability Act (HIPAA) provisions, which can cost you your license, a hefty penalty, or even jail time.
Many dentists and oral care professionals fall for a common text message scam: IRS fines or unpaid utility bills. A scammer calls or texts your secretary pretending to be a water, gas, or power company representative and asks the secretary to pay the overdue bills. The employee may make the payment to realize later that it was a fraudulent attempt.
A variation of this type of phishing attack is for the scammer to accuse your dental clinic of owing the IRS back taxes and other fines that could result in business closure. Some clinic owners pay out of fear of an IRS audit or because they miss the relevant paperwork.
Most smishing attempts are often direct messages to the dentist’s phone number with a call to action or threat, such as “Your bank requires your personal information to verify your identity. Failure to respond immediately will incur a fee.”
Such text messages can drive some dentists into a frenzy, making them send their personally identifying information without thinking it through.
This segment highlights common text message scams to watch out for:
Text message scammers are becoming masters of human psychology as they devise new and more sophisticated ways to dupe unsuspecting victims into sending their financial and personal data. They know exactly what to say to elicit an action from you.
Training your staff and making them aware of possible security threats and breaches is the best defense against these scams. Security programs in your dental office should cover basic tips to keep your financial and personal records safe, like the following:
Any actions you or your employees take to a scam text message can put your office at risk of having your information stolen or blocked for ransom. Therefore, don’t reply or call the phone numbers. Acting too quickly is also a mistake. The scammer wants you to feel rushed and confused. Don’t fall into this trap by providing an immediate response.
We also encourage you to pay extra attention to the sender’s phone number. You can then find the source of the text message through a reverse phone lookup. Doing this will allow you to authenticate the sender’s identity and determine whether it is a scam text or a legitimate one.
Immediately after receiving the possibly fraudulent text message, please forward it to the Federal Trade Commission (FTC) at ReportFraud.ftc.gov or the Federal Communications Commission (FCC) at SPAM (7726). This allows the FCC and FTC to alert other dentists to the risks. Also, block the sender from your phone.
This is perhaps the most important tip. You must avoid clicking any links in suspicious text messages or initiating contact with the sender. Doing so may compromise your phone or systems without you realizing it.
Scammers change their tactics all the time. Therefore, it is up to you to secure your phones and systems to avoid breaches and other privacy threats. Being prepared against smishing is only half the battle. You should also create a security policy with detailed steps in case you or your employee clicks on a fraudulent link or unsuspectingly shares sensitive information.
Knowledge is your greatest defense against text message scammers. While these scams may seem far less common than other phishing tactics, their fallout could be just as devastating.
NOVA Computer Solutions provides the best security service and support to protect your patient’s financial and personal records (and your own) from falling into the wrong hands. We offer a wide range of services, from complete turnkey solutions to IT support and consulting.
Contact us today for more information about text message scams and other, more advanced phishing tactics used by scammers and how to protect your systems from them.