FightCybercrime.org

Recognize, report and recover from cybercrime.

Medical Identity Theft

Medical identity theft is a serious crime that can impact your health and finances. Learn how to detect and recover from this cybercrime.

Get Started Report Cybercrime
Home » Scams » Identity Theft » Medical Identity Theft

The Basics of Medical Identity Theft

Medical identity theft is a serious problem that can have a major impact on your life. If your medical identity is stolen, it can be used to get access to your personal information and financial resources. It can also lead to fraudulent charges being made in your name, which can damage your credit and reputation. In some cases, medical identity theft can even result in life-threatening situations.

Common Tactics of Medical Identity Theft

Medical identity theft occurs when someone uses your personal information—like your name, Social Security number, or health insurance account number—to get medical care, buy prescription drugs or submit false claims to your health insurer. There are a few common tactics that medical identity thieves use:

  • They may pose as a doctor or other medical professional in order to get your personal information.
  • They may call or email you pretending to be from your health insurance company or another organization, and try to trick you into giving them your personal information.
  • They may go through your trash or public records to find information like your Social Security number or health insurance account number.
  • They may hack into databases where your personal information is stored.
  • They may use your information to get medical care or prescription drugs, submit false claims to your health insurer or open new credit accounts in your name.

Step 1:Recognize

Red Flags of Medical Identity Theft

There are a few warning signs that can indicate that you may be a victim of medical identity theft. Here are some red flags to watch out for:

  • You receive a bill for medical services that you did not receive.
  • You receive calls or letters from collections agencies about unpaid medical bills that you do not recognize.
  • Your health insurance company denies your claim because they say you have already reached your maximum benefits limit.
  • You are contacted by your healthcare provider about a suspicious or unexpected prescription in your name.
  • You receive notice from the IRS that you have been flagged for an audit because of suspicious activity on your tax return.

Step 2:Immediate Actions

If you think you are the victim of medical identity theft, it is important to take action right away. Here are some steps to take:

  • Visit IdentityTheft.gov from the Federal Trade Commission to file a report and create a personalized plan for recovery.
  • Review your medical records carefully. Look for any treatments or procedures that you did not receive or any charges you do not recognize. Report any mistakes or unfamiliar charges to your insurer.
  • Contact your doctor’s offices and alert them about potential fraud.
  • For private insurance – call your insurance company and ask for their fraud department.
  • For Medicare, Medicaid, and other HHS programs – visit Department of Health and Human Services’ (HHS) Inspector General website to submit a complaint or call 800-447-8477.
  • Speak to an Identity Theft Resource Center (ITRC) expert advisor toll-free by phone (888.400.5530) during their normal business hours (6 a.m.-5 p.m. PST) for one-on-one assistance.

Step 3:Report

Reporting any type of cybercrime, including medical identity theft, is imperative to help others avoid being scammed. As a society, the more people that report online scams and fraud, the more national reporting data that is collected, and the better chance law enforcement has to catch the criminals and decrease cybercrime.

Report to FTC

Step 4:Recover

Protect Yourself for the Future

Once you have notified the appropriate organizations, it is time to recover and reinforce your cybersecurity by implementing preventative measures.

  1. Keep your personal information safe. Be careful about who you give your Social Security number, health insurance account number or other personal information to.
  2. Shred any documents that contain your personal information before you throw them away.
  3. Be cautious about giving your personal information over the phone or online. Make sure you know who you’re talking to and that the website is secure before you enter any sensitive information.
  4. Check your medical records and insurance statements carefully for any suspicious activity.
  5. Keep a close eye on your credit report for any unusual activity.

Take 5 Steps for Better Online Security

In addition, it’s important to strengthen your online security to help avoid all types of online scams. Take action to improve your digital posture by following these steps:

  1. Implement Multi Factor Authentication (MFA): Passwords are generally easy for scammers to crack, and even if you use strong passphrases, there’s still the possibility that a cybercriminal can obtain your passphrase in a data breach. Implementing MFA is a great way to maximize your security and ensure that you are the only one who can gain access to your accounts. MFA should be implemented on all accounts where it is available. Check your account’s security settings to see if it is something you can set up.
  2. Update Your Privacy Settings: Privacy settings allow you to control your personal information (name, address, phone number, date of birth, financial details, photos or videos, etc) and how that information is used. Review your privacy settings on all of your accounts including your social media accounts. Consider restricting who can see your friends list, contacts, photos and posts.
  3. Activate Automatic Updates: Automatic updates are a set of changes to an app, software or operating system that are automatically pushed by the developer to fix or improve it. Oftentimes, cybercriminals take advantage of security flaws to plant malicious software on your devices. By activating automatic updates, you will automatically patch security vulnerabilities to protect your data.
  4. Use a Password Manager or Create Strong Passphrases: A password manager is a software tool that securely stores all of your login credentials in one place, allowing you to create and manage strong, unique passwords for all of your accounts. If you are unable to afford a password manager, use strong passphrases. A passphrase is a combination of random words or a sentence that is much longer and more complex than a typical password. Using a passphrase instead of a password makes it much harder for hackers to guess or brute-force their way into your accounts.
  5. Learn the Elements of a Phishing Attempt: Familiarize yourself with the elements of a phishing email. Phishing emails tend to include a sense of urgency and multiple grammar and spelling errors. If they are asking you to reveal personal information, be suspicious. If you get a strange email, try contacting the company another way to confirm they sent that email. If the email is suspicious, mark it as spam.

TestimonialHear from Other Victims

Without Fightcybercrime.org, I don't know if I would have been able to react as quickly to protect my personal information.
Mary - Indianapolis, IN

Latest News

The latest and greatest from our blog.

> Health Insurance Scams Exposed: Identifying and Avoiding Common Frauds

Health Insurance Scams Exposed: Identifying and Avoiding Common Frauds

Protect your health and your wallet. Learn how to spot and avoid some of the most common health insurance scams.

Read Full Article
> Medical Identity Theft: A Threat to Your Health

Medical Identity Theft: A Threat to Your Health

Learn how to recognize and recover from medical identity theft. Don't put your health and finances at risk.

Read Full Article

Branding