In a campaign designed to steal sensitive information and funds, fraudulent organizations have been impersonating the Missouri Medicaid Audit and Compliance Unit (MMAC) in emails, according to an alert from the Missouri Department of Social Services.
MMAC has reported an increase in cybersecurity threats specifically targeting health care organizations, including Medicaid providers. The threats have been appearing in fraudulent emails that falsely claim that an individual’s provider account is subject to “arrest and closure” unless a late “account fee” is paid, according to a release by the MMAC. MMAC said these messages are not legitimate and are a part of a “phishing” campaign, where fraudsters falsely pose as a legitimate organization.
The MMAC said that to avoid phishing scams, do not click on suspicious links or download attachments from unknown senders. It’s important to verify the sender’s email address and domain carefully. Official MMAC communications will come from a @dss.mo.gov domain. Urgent or threatening language that makes you panic or says you must take immediate action is another sign of a fraudulent email. Misspellings, poor grammatical structure, and incorrect or unfamiliar acronyms are also common indicators of phishing attempts. In general, MMAC will never initiate electronic fund transfer changes via email, provide account numbers, routing numbers, or other sensitive banking information in an email, according to the news release.
Further details can be found here at the KOMU News website.