DEA Warns of Fax-based Phishing Scams Targeting Physicians and Pharmacies

May 31, 2018 / HIPAA

The most recent warnings from the Drug Enforcement Administration (DEA) this month concern phishing scams from individuals posing as DEA agents attempting to obtain a physician’s DEA registration number or signature, PHI, social security numbers and even credit card data.

Be on guard for suspicious phone calls, faxes or emails. The DEA does not ever send unsolicited faxes or emails requesting sensitive data. Cyber-criminals often combine new technology with old tricks to get people to send money or give out personal information. These communications often appear official.
Review this sample fax request for PHI and this sample requesting additional fees.
You may report the solicitation online using the DEA form: https://apps.deadiversion.usdoj.gov/webforms/validateLogin.jsp
If anyone has already provided this information, contact the DEA local field office.

FTC Best Practices to Prevent Fraud

Learn how to spot imposters. Scammers often pretend to be someone you trust, like a government official, or a company you do business with. They may also pretend to be the family of a staff member or patient. While it’s impossible to know every person who might call into the office, trust your instincts. If a phone call, email or fax looks suspicious do not provide any information or payment. Check with other employees, or your IT professional.

The FTC offers information and resources to businesses and private citizens, on various topics such as phishing scams, buying products online, investigating charities and more suggestions on how to avoid fraud You can sign up for free scam alerts from the FTC at ftc.gov/scams and report any scam you spot to them at ftc.gov/complaint!

Back to TMC Blog Gallery