Imagine someone setting up a profile in your database with the intent to fraud the system. Think it couldn’t happen to you? Think again.
Synthetic identities are created to look like real clients, but are fabricated by criminals looking for an entry into the system. They are made up of blended information from real and fake data, such as an address from one person mixed with someone else’s social security information. The data often comes from children, the elderly, or the homeless, a vulnerable part of our society that doesn’t spend much time looking into their credit data. That makes synthetic identity theft difficult to detect in the short term because there isn’t a victim reporting the activity right away.
In 2020, 57 percent of US healthcare providers stated they had experienced some type of phishing attack within the past twelve months. If we’ve learned anything in the last year, it’s that the way we do business is changing, and with big change comes vulnerability. Criminals look for the easiest way in.
Now more than ever, we’re relying on people to handle much of the setup and upkeep of their profiles and data on their own. Because of telehealth growth this past year, it’s easier than ever to create content, login, and gain access to detailed information through a simple internet connection. Without face-to-face contact, you’re relying on people doing the right thing - which isn't always the case.
Breaches are all too common. At the beginning of 2021, more than one billion records from CVS Health were released and accessible to the public. This gave would-be criminals access to customer user information, including email addresses and any other query data they entered into the website. This is a good place to start with synthetic identity fraud.
Synthetic identity theft isn’t an in-and-out process. Instead, criminals take time to build a credible profile that gives them access to what they want most.
- They purchase personally identifiable data such as SSN information from a data breach.
- They apply for credit or rewards programs to build up a persona.
- Depending on their goals, they build up a history and expand the amount of credit they’re eligible for.
- They max out everything they get.
As a medical practice, you handle sensitive data every day. One breach can give a would-be criminal an unlimited supply of potential. To protect against synthetic theft, there are a few things you can do.
Start with awareness. While identity theft is in the news more now than ever, it isn’t reaching the most vulnerable. Children gain SSN information at birth, and the elderly often don’t utilize their data for years. Teaching others to pay attention to what’s happening to those closest to them can start to close these vulnerabilities.
Be proactive. Over time, you develop a pattern for patient activity. You learn life cycle, and how people respond throughout contact with your practice. Using AI and other automated tools, you can discover anomalies that might indicate a potential problem. This alerts you to danger before it has a chance to build.
Update. Criminals are always looking for the latest gadget, application, or technology to help them commit fraud on new levels. The rest of us prefer to stay in our comfort zone and hold onto technology for as long as possible. This disconnect can cost you.
While we’re not advocating to update everything you use regularly, there are simple methods to ensure what you do use is as safe as possible. Patches, updates, and other automation can create security that plugs up holes, and removes the vulnerabilities would-be criminals look for.
It all starts with a plan. Do you have one?
For IT Strategy, Cloud Conversion, or Help Desk Services reach out to us at Silver Linings Technology 360-450-4759.