DOJ charges 10 individuals for allegedly spoofing emails, defrauding healthcare payers, hospitals

The U.S. Department of Justice filed charges this week alleging that 10 individuals posed as business partners and fraudulently redirected patient payments to hospitals that provided medical services. benefits to the insured.

WHY IT IMPORTANT
The DOJ has announced that allegations stemming from business email compromise (BEC) and wire transfer fraud trap five state Medicaid programs, two Medicare Administrative Contractors, and two companies. private health insurance.

According to the statement, public and private health insurers allegedly fraudulently paid the defendants and their accomplices instead of depositing reimbursements into the hospitals’ bank accounts.

The defendants – one in South Carolina, one in Virginia and eight in Georgia – allegedly used fake email addresses and other methods to deceive healthcare payers into believing they were doing so. legitimate payments.

The investigation revealed more than $4.7 million in damages to Medicare, Medicaid and private health insurers, and $6.4 million in damages to other federal government agencies, the private companies and some elderly individuals.

“These indictments demonstrate our unwavering commitment to combating internet crime and holding internet fraudsters accountable, especially when planning,” said Adair Boroughs, attorney for the District of South Carolina. Their plans target taxpayer-funded programs that benefit the most vulnerable among us.”

The defendants and their accomplices allegedly laundered fraudulent payments obtained from these health care benefit programs and other victims by transferring large amounts of cash through accounts they or their accomplices open under fake and stolen identities as well as shell companies.

They are accused of transferring money abroad and buying luxury goods and cars.

“Millions of U.S. citizens rely on Medicaid, Medicare, and other health care systems to meet their health care needs. These audiences have used complex financial plans, such as: BEC and money laundering, to defraud and sabotage healthcare systems across the United States,” said assistant Luis Quesada. Director of the FBI’s Criminal Investigation Division.

In each case, a federal district court judge will decide any sentence, with a maximum penalty of 20-30 years in prison, the DOJ said.

In June, one of the 10 individuals under investigation pleaded guilty to charges ranging from using a fake passport to setting up a shell company that raised more than $1.5 million from BEC programs targeting two programs. state Medicaid program, Internal Revenue Service, Small Business Administration, and private company and two older individuals. In September, that individual was sentenced to four years in prison.

TREND TO BIGGER WOMAN
According to Steve Winterfeld, CISO consultant at Akamai, scams and other BEC tactics are how criminals make the most money.

Winterfeld will speak during a workshop on stakeholder alignment on cybersecurity risks at the upcoming HIMSS Healthcare Cybersecurity Forum. He recently shared some insight into how easy it is to fall victim to potential cyberattacks.

Fraud and spoofing attempts against healthcare organizations and their employees have been on the rise for more than 5 years. A report by Proofpoint found that more than 77% of email attacks on healthcare organizations in the previous two years used malicious URLs.

Ryan Witt, Proofpoint’s chief executive officer, said in the report: “Although cyberattack techniques targeting healthcare organizations vary and evolve, what they have in common is that they attack people. , not just technology”.

“They exploit the curiosity of healthcare workers, their time constraints in acute care settings, and their desire to serve. Combating these attacks requires a new and innovative approach. human-centered for security.”

ON PROFILE
“The Criminal Division and our partners are committed to holding people accountable through sophisticated business email compromises and money-laundering schemes targeting public health insurers. and private as well as individual victims,” ​​Kenneth Polite Jr., assistant attorney general for the DOJ’s Criminal Division, said in the statement.

Christian Schrank, HHS-OIG’s deputy inspector general for investigations, added: “These allegations describe a blatant attempt to extract money, in part, from essential health care programs to replace it. which finance personal interests”.

“This coordinated action is a prime example of the commitment that HHS-OIG and our law enforcement partners have to protect the federal health care system against fraud,” he said.