FBI Issues Alert as Cybercriminals Impersonate Health Fraud Investigators to Steal Patient Data

FBI warns of cybercriminals impersonating health fraud investigators to steal sensitive medical data. Fraudulent emails and texts are targeting patients and providers nationwide.
FBI Issues Alert as Cybercriminals Impersonate Health Fraud Investigators to Steal Patient Data
Table of Contents
    Add a header to begin generating the table of contents

    Cybercriminals have found a new disguise—and this time, it’s the badge of authority. The Federal Bureau of Investigation (FBI) has issued a public alert warning that threat actors are posing as health insurance fraud investigators in an attempt to steal sensitive healthcare and financial data from unsuspecting individuals.

    The fraudulent activity involves emails and text messages that appear to come from legitimate health insurers or their investigative teams. But instead of providing help, these messages are engineered to manipulate patients and healthcare providers into giving up protected health information (PHI), financial account details, and even money for fake reimbursements or services.

    “These criminals are sending emails and text messages to patients and health care providers, disguising them as legitimate communications from trusted health care authorities,”
    the FBI stated in its recent advisory.

    Tactics Used by Cybercriminals in Healthcare Impersonation Scams

    According to the FBI, these schemes are highly targeted and play on the authority and urgency of healthcare fraud investigations. Some of the most common tactics observed include:

    • Claiming the recipient has received overpayments and must return funds
    • Requesting confirmation of insurance or billing details
    • Asking for access to medical records or financial data under the guise of compliance checks
    • Embedding links to phishing sites that capture login credentials or deploy malware

    The attackers often mask their communications to look official, using logos, formatting, and email addresses that closely mimic real organizations.

    The Wider Context: Record-High Cybercrime and Imposter Scams in 2024

    The FBI’s latest alert comes as imposter scams continue to climb across the U.S. In March 2024, the Federal Trade Commission (FTC) reported that Americans lost $2.95 billion to these types of scams—more than any other fraud category. With over 845,000 reports filed, the median loss for one in five victims was a staggering $800.

    One month later, the FBI revealed that total cybercrime losses for 2024 reached $16.6 billion, a 33.3% increase over 2023. Healthcare-related incidents are becoming a frequent part of that number, especially as cybercriminals exploit social engineering tactics to breach systems.

    In April, the Department of Health and Human Services (HHS) warned that attackers were increasingly targeting the Healthcare and Public Health (HPH) sector, particularly via business email compromise (BEC) attacks that trick IT help desks and redirect bank transactions.

    FBI’s Recommendations for Avoiding Healthcare Imposter Scams

    To reduce the risk of falling victim to these impersonation scams, the FBI strongly advises:

    • Never share personal or medical information in response to unsolicited emails, texts, or calls
    • Avoid clicking on links in suspicious messages, even if they appear to come from trusted organizations
    • Use strong, unique passwords and enable Multi-Factor Authentication (MFA) on all accounts
    • Verify directly with your health insurer before acting on any suspicious request

    Patients and healthcare organizations alike are urged to remain on high alert as threat actors continue to refine their deception techniques.

    As healthcare data becomes a premium target for fraud and ransomware operations, the need for resilient, secure backup infrastructure has never been greater. Ensuring data is protected—and quickly recoverable—is essential not just for compliance but for maintaining public trust.

    Looking for a trusted recovery solution?
    Defend your organization with StoneFly DR365—an air-gapped, immutable backup and recovery appliance trusted by enterprises to ensure zero data loss even in the event of complex cyberattacks.

    Related Posts