Some a-hole called claiming to be working on an IT project. Securing patient records for an Eye Clinic. Something about insurance and Identity theft.
What puzzles me is he knew the doctor’s name that I saw last July.
He gave me a number that I won’t be calling. I will call the eye clinic directly to confirm my account is ok.
I didn’t tell the guy I’ve worked in IT for 26 years. Payroll and HR. I have never once directly talked to any employee about their personal records. Not my job. That would be somebody in Payroll or HR making that call.
What was he looking for? Social engineering is when someone calls a random person in a company and tries to convince him or her that he needs data for some legitimate sounding project. If he was looking for patient records this sounds like that.
I’m not sure what they were trying to get. I didn’t write down the phone number he gave. I’d guess the other person/associate would get the data. I didn’t want to climb down in this rabbit hole.
I just called the eye clinic directly and talked to account services. Everything is fine. I told them about the call.
I suspect that when you dialed the number, the person on the other end would have you answer some questions ‘to verify your identiy’. Probably your SSN# and other stuff. Since you were calling them, it might not seem that odd that they would ask you for it, put you more at ease in giving it.
I got one yesterday. It was a recorded message saying they were Microsoft and they had detected hacking attempts being made against my computer. And I should press one to speak to one of their representatives about this situation.
I was tempted to press one and ask whoever I got on the line if they seriously expected people to fall for this.
Huh. I guess I rate higher than you - my calls from Microsoft are always live, not recorded. Which is good, because you can’t ask a recording if its mother knows it’s a thief. Of course, apparently my computer is the one SENDING the spam, so that might rate a “human’s” intervention.
I had a vaguely similar call to the OP’s - not identifying a doctor or anything, but asking for me by name so they could represent me in an upcoming vaginal mesh lawsuit.
As I have never had such a procedure, I’m not entirely sure what the aim was there -whether identity theft or just cold calling hoping they got someone who qualified for their “services”. The number was absolutely spoofed (I checked).
Had the Microsoft calls several times now, and a new one a recording urging me to call in if I’ve had any medical mistakes (which I haven’t and even if I had I wouldn’t try to get a lawyer from a cold call).
I just had a customer that ran out and bought a new computer because he was positive he had been hacked. Why, because he got emails from mylife.com talking about how his personal information was exposed on dozens of sites (I got the same email).
The vast majority of my customers are people with more money than computer skills. We see tragedies like this weekly. People falling for $300 “lifetime tech support” packages that when they call back again of course they have never heard of them and want to charge another $300, People who paid the “FBI virus” to get their computer unlocked.
Then these people act like we are robbing them when it ends up costing $100 to clean up after these guys.
Unfortunately, healthcare information gets shuttled all over the place. You’re supposed to de-identify files, but people screw up. Or information is left on an unprotected drive, or papers get seen.
