Skip to Content

FBI Warns of Cyberattacks Against Healthcare Payment Processors

The FBI has published a Private Industry Notification warning of increasing attacks against healthcare sector payment processors. According to the notification, the thieves are using publicly available personally identifiable information belonging to processor employees along with social engineering tactics to redirect payments under their control. The notification lists possible indicators of attempted attacks, including phishing emails, unexpected changes to email exchange server and user accounts, and employees being locked out of payment processor accounts because of failed password recovery attempts.


  • The threat actors are changing payment (ACH, Direct Deposit, etc.) to send information to their accounts rather than where expected. This means that you should not only check your personal accounts for fraudulent charges, but also verify corporate payment destinations are valid. Make sure that you have secondary validation of payment account changes, customer or corporate as well as enforce multi-factor authentication making credential compromise attacks much harder. Review the FBI recommendations to find other mitigations you may not have otherwise considered.


    Ads Blocker Image Powered by Code Help Pro

    It looks like you are using an adblocker.

    Ads keep our content free. Please consider supporting us by allowing ads on