Plastic surgery offices and patients in the United States are being warned about cybercriminals targeting them to steal sensitive data, including medical records and photographs, for extortion purposes. The FBI issued a warning, advising that criminals are using a multi-stage approach to maximize their profits. The first stage involves hackers infiltrating the networks of plastic surgery offices to extract sensitive data, often through phishing techniques. The second stage involves enhancing the stolen data through open-source information and social engineering techniques. Finally, in the third stage, criminals contact surgeons and patients demanding payment in exchange for not publishing the stolen data. In some cases, the data is shared with others to exert pressure on the victims. The FBI urges those targeted to report fraudulent activities and offers tips to protect against such attacks, such as strengthening privacy settings on social media accounts, using unique and strong passwords, and monitoring bank accounts and credit reports for suspicious activity.
Key Points:
1. Plastic surgery offices and patients in the US are being targeted by cybercriminals seeking to steal sensitive data for extortion purposes.
2. The FBI warns of a multi-stage approach used by criminals, involving data harvesting, data enhancement, and extortion.
3. Hackers infiltrate networks through phishing techniques and extract sensitive data, including electronic protected health information.
4. Criminals enhance the stolen data through open-source information and social engineering techniques.
5. Extortionists contact surgeons and patients, demanding payment in exchange for not publishing the stolen data, sometimes resorting to sharing it with others to pressure the victims.
6. The FBI advises reporting fraudulent activities and provides tips for better protection, such as strengthening privacy settings on social media accounts and monitoring bank accounts and credit reports for suspicious activity.