Our latest interview is with Kevin Hogan, Head of Fraud Risk at Investec.
Let's talk about the problem of medical fraud and how medical practices can avoid it, along with tips on how to spot fraud and recommendations for staying safe.
Why do the healthcare industry and medical practitioners, as a demographic group, seem to be more susceptible to fraud?
South Africa is number five in the world for cyber-related fraud, following America, the UK, China, and France.
Two scams that affect practitioners more often than not in healthcare are:
Business email compromise (BEC), also known as email hacking, is a sophisticated form of fraud that occurs when a fraudster obtains access to your username and password. They can intercept invoice emails, resulting in a loss of revenue. 45% of all people's usernames and passwords can be ascertained from their Facebook profiles.
Fraudsters use medical practices to launder money. They will pose as a patient, pay for a service or procedure, then cancel the procedure and request a refund to an account that is not the one they paid on. This effectively cleans their money.
Recommendations:
The most important thing is you've got to create strong and unique passwords.
Don't use the same username and password on multiple accounts.
Use a password manager to store all your login credentials securely. LastPass is a great tool.
Check your commercial insurance policy. to ensure it covers you for cyber-related events.
Is your IT guy a security expert, not just a friend who fixes your printer and sets up your email? Do they have expertise in anti-virus software and cyber security?
Review your backup processes, and make sure you are backing up to the cloud.
Never click on links in phishing emails asking to renew subscriptions or update your payment/subscription details.
Make sure you've got the Rolls Royce of antiviruses.
If you fall victim to these frauds and you pay money to frauds, the faster you let your bank know, the higher the likelihood that the banks can recover your funds.