Published on October 07, 2024

Approaching cyber activity with polite paranoia

Be extra diligent when confirming a phone call or bill

We often receive reports of actors who are fraudulently posing on behalf of Firelands Health and we want you to be aware of the possible threats. You likely know how frequent phishing and cybersecurity issues have become in recent years. Especially during the holiday season when consumers are buying goods left and right. We recommend you stay vigilant, as these schemes have become even more realistic and believable. We share this information only as a cautionary measure for your awareness and protection.

Be aware of cybercriminal activity

Cybercriminal activity is rampant. Here are some stats from the National Cybersecurity Alliance “2023 Oh Behave!” report to consider:

  • 84% of people considered online safety a priority.
  • Only 38% of people use unique passwords for all their accounts.
  • About a third of respondents began using a password manager after receiving cyber training.
  • 79% of respondents were familiar with multifactor authentication (MFA).
  • 70% of those who have heard of MFA security measure know how to use it.
  • Only 36% of people always install software updates when they become available.
  • 69% of people express confidence in their ability to identify phishing attempts.
  • 51% of Americans actively report cybercrimes, particularly instances of phishing.

What is a "spoof?"

A spoofing attack is when a person or program successfully identifies as another by falsifying data to gain an illegitimate advantage.

Cybercriminals are seeking personal information and payments from their victims. Communication may come from a “spoofed” phone number as a phone call or text. Attacks may also arrive as an email or in the U.S. mail.

In these fraudulent communications, criminals may send phony statements or invoices and use what appear to be correct branding and language.

There are ways you can identify these issues and protect your privacy and personal information. Many of these criminals are pushy and direct. Threat actors often try to create a sense of urgency or alarm to get the victim to rush into a decision while avoiding caution and forethought.

If you’re unsure, take a step back and validate the truth

Before we continue, it's important to exercise caution. It's easier to be hesitant and withhold information than it is to take back information you’ve already relayed. There are methods you can rely on to verify the truth.

  • If you’re on the phone with us, you may ask to hang up and call the number listed on our website to verify our identity. Our team members will never try to convince you to stay on the phone, and they are trained to have a sense of “polite paranoia.”
  • If you receive a letter or statement in the mail, you may call us to confirm the information. Another way to check a billing balance is to refer to your insurance provider portal for an explanation of your benefits.
  • Use official Firelands Health channels to contact us directly. Two of our main website addresses are firelands.com and firelandsphysiciangroup.com. You can find contact phone numbers listed there.

What information will Firelands Health collect from me?

Knowing how we will and will not interact with your personal information is important.

  • During the scheduling and pre-registration process, you will be asked to provide or verify a series of demographic and insurance questions for identification and billing purposes. The questions will also be related to the procedure or test you’re having completed. When we ask if you would like to pay your estimate by phone for your convenience, you are not required to do so and may pay the registrar at the time of arrival. You may also choose to pay: in person at the cashier’s desk, on our Firelands website, traditional mail or the phone number listed on your billing statement.
  • Information we ask for will be included in your secure electronic health record (EHR). However, this information is only exchanged when you contact us to make an appointment for care, either as a self-referral or through a referral from your provider. We will not call, text or email you to retrieve this information if it wasn’t previously initiated by you. This EHR is highly regulated and bound by HIPAA, and the information is stored in a secure environment.
  • We ask for your Social Security number only if you’re a new patient. We will ask for the last four digits of your SSN if you’re an existing patient for verification purposes.
  • In order to identify a patient, we ask verification questions over the phone, such as insurance information, demographics or alternate contacts.
  • We will never text you a link asking for personal information, such as your Social Security number, credit card number or banking information.

Always be diligent about your cyber activity

Remember, you have the right to take your time and be guarded to protect your identity. The bottom line is, it’s OK to take a step back and assess what’s happening. It’s easier to refrain from relaying personal information than taking it back once you’ve already shared it.

Related stories