Phishing Scam Strikes Colorado Business

Colorado ranks 19th in the nation for reporting scams and 13th in the country for reporting identity thefts. It comes as no surprise to many in the industry and indeed to state prosecutors that many businesses in the state fell victim to a phishing scam.

What is a Phishing Scam?

Phishing is described as the fraudulent act of trying to gain data or sensitive information, including social security numbers, dates of birth, passwords, or more, by pretending to be a legitimate company and sending communication perturbing to be that company with the sole purpose of obtaining such information.

Phishing scams generally come as phone calls, text messages, emails, or other communication. They are designed to fool the recipient into thinking that a legitimate entity, for example, their bank, is requesting this information. The recipient then follows the directions resulting in the scammer obtaining information and or monetary compensation for their efforts from those who the scam has caught out.

Colorado Phishing Scam

Recently, over 26,000 people were contacted by colorado Retina Associates to inform them that they had been the victim of an unauthorized third party gaining access to their information to send phishing emails from their account.

The firm hired a computer forensic to assist in the investigation. the firm also managed to secure all email accounts for employees and the ‘entire email environment.’

Investigations found that the unauthorized party managed to access two user accounts and sensitive patient details stored in those accounts. They may have synced the email account to store the data. It is thought that information that could have been accessed includes patient names, social security numbers, financial account information, and medical treatments, along with other personal information.

This is the latest in a line of healthcare phishing scams that have plagued the state in recent years. After this newest and extensive scam resulted in a major data breach, the CRA is enhancing its security protections to prevent anything like this from happening again.

Preventing Phishing Scams

Knowledge is key when detecting phishing scams as scammers become more adept at pulling off increasingly convincing techniques to fool people into handing over their details and money.

Traditionally, there are many giveaways to a phishing scam, including;

  • Poor spelling and grammar.
  • Use of email or Mrs/Sir instead of your first name.
  • Rushed tones during phone calls and urgency in completing tasks.
  • Asking for your full social security number or other pins and passwords that legitimate companies never ask for.
  • Emails informing you of payees being set up in bank accounts, unauthorized transactions, or for your services being limited. This also applies to an email from streaming services or other companies too.

There are many steps you can take to keep your company protected from this type of attack:

  • Train all staff members in your company about the importance of data security and hold regular training, including instruction on not clicking any links in emails they don’t recognize.
  • Place limits on personal email use on company servers and equipment.
  • Phone calls should be treated with caution when displaying a potential phishing scam’s characteristics and should always be escalated to the relevant department without any details being disclosed.
  • Work with a reliable provider of IT services in Denver to set up anti-spam email filters and ensure your security systems adequately protect all the sensitive information you hold.
Chris Turn