FBI warns of extortion groups targeting plastic surgery offices
Update October 18, 12:12 EDT: Added statement from the American Board of Plastic Surgery.
The FBI warned of cybercriminals using spoofed emails and phone numbers to target plastic surgery offices across the United States for extortion in phishing attacks that spread malware.
After gaining access to their networks, the attackers steal data from compromised systems that they’ll use to extort surgeons and patients.
Documents stolen in these breaches can contain very sensitive data, including personally identifiable information, sensitive medical records, and, in some cases, even intimate photographs taken for medical purposes.
After obtaining this data, they add more information to the harvested ePHI using open-source information, such as social media details, to make their extortion attempts more convincing.
“Cybercriminals use open-source information, to include social media, and social engineering techniques to enhance the harvested ePHI data of plastic surgery patients,” the FBI said.
“Cybercriminals use the enhanced data as leverage for extortion in Phase 3 and may use it for other fraud schemes.”
Then, they reach out to plastic surgeons and patients through social media, emails, text messages, or messaging apps, threatening to share the sensitive ePHI unless an extortion payment in cryptocurrency is made.
To apply even more pressure on the victims, the cybercriminals might also share this sensitive data with the victims’ friends, family, or colleagues, as well as create public-facing websites displaying the information.
The attackers will also promise victims that they’ll stop sharing the electronic protected health information (ePHI) upon receipt of the extortion payment.
The American Board of Plastic Surgery, the certifying board for plastic surgeons in the United States, told BleepingComputer in July that it was aware of attackers impersonating it in phone calls to physician offices.
“The attacker requests an email address over the phone and attempts to send malware to that email address if provided. The Board has alerted its diplomates of the cyber threat,” BleepingComputer was told.
“The Board is working with the FBI to investigate the source of these threats. As the FBI is the prime investigator, the Board cannot comment on the extent of those affected at this time.”
How to protect yourself from such extortion attempts
The FBI says that surgeons and patients at risk of being targeted can take some proactive steps to protect their personal information.
They should start by ensuring that their social media profiles are configured to provide the maximum amount of privacy to prevent people not in their friends list from monitoring their online activity without authorization.
“Preferably, make your account private and limit what can be posted by others on your profile,” the federal law enforcement agency said.
“Audit friend lists to ensure they consist of and are visible to people you know. Only accept friend requests and follows from people you know. Enable two-factor authentication to login.”
The FBI also recommended creating strong and complex passwords for all accounts, including email, social media, financial, and bill payment platforms, to secure them against hacking attempts (use a password manager to make them easier to remember).
Last but not least, keep a close eye on bank accounts and credit reports for signs of suspicious activity, and, if possible, set up credit report fraud alerts or security freezes to thwart unauthorized access.
The FBI encourages those victims to report the incidents by filing a complaint with the Internet Crime Complaint Center (IC3).
These complaints should include specific details, such as the identity of the person or company who made contact, the method of communication, and the bank account number or wallet address to which the extortion payment was made.
Earlier this month, the FBI also issued a public service announcement warning of a nationwide increase in ‘phantom hacker’ scams targeting senior citizens across the United States.
A considerable amount of time and effort goes into maintaining this website, creating backend automation and creating new features and content for you to make actionable intelligence decisions. Everyone that supports the site helps enable new functionality.
If you like the site, please support us on “Patreon” or “Buy Me A Coffee” using the buttons below
To keep up to date follow us on the below channels.