Cedars-Sinai Blog

Simple Steps for Avoiding Healthcare Scams

Senior man refuses to answer to a call from unknown number.

Healthcare consumers are increasingly at risk of cyberscams—attempts by unsavory individuals to steal personal information for criminal gain. The FBI reports that Americans lost $10.3 billion to a wide variety of internet scams in 2022, and incidence of fraud continues to rise.

"Older adults, new mothers, surgery patients, and people with chronic conditions or diseases are particularly susceptible to medical fraud."

Scams to Watch Out For

Raising awareness of the problem is crucial to keeping scammers in check. The scams come in all shapes and sizes, but three of the most common avenues of approach are via phone, text and email.

For example, an attacker pretending to be from a healthcare company’s IT help desk may call a patient or customer and attempt to persuade them to download remote support software, which can then be used to access their local computer. In other instances, emails or text messages purporting to be from the company or from a personal contact may try to convince the customer to wire money or to purchase something to extend their health coverage.

In each of these cases, the end goal is the same: inducing a sense of panic and then taking advantage of the resulting anxiety to cause financial harm.

Who Is Most at Risk?

According to Consumer Reports, older adults, new mothers, surgery patients, and people with chronic conditions or diseases are particularly susceptible to medical fraud. These populations are targeted frequently because they tend to be more vulnerable and, in many cases, are likely to be interacting with their healthcare system regularly. Scammers also often go after children since evidence of fraud typically isn’t discovered until a child is old enough to apply for credit in his or her name.

How to Stay Safe

There are a number of ways to avoid falling victim to these deceptions and ensure your personal information stays secure. Follow these essential tips to maintain your security and peace of mind.

Be on your guard. Never share sensitive data such as passwords, banking information or credit card numbers unless you are absolutely certain of a caller’s identity. Impersonators may pressure you for these details and insist they are necessary to maintain your healthcare coverage. Remember that representatives from government agencies like the Social Security Administration will never call, text or email to ask for payment.

Verify before you trust. If you doubt the authenticity of a caller, don’t be afraid to disengage: Hang up the call. You can always call the number listed on the back of your insurance card or on an invoice from your healthcare provider to confirm that the person reaching out to you is, indeed, legitimate.

Read any communications carefully. Trust your instincts if a message seems suspicious. Check for misspellings, logos that look familiar but slightly off, or strange email addresses.

Be wary of email links and attachments. Don’t click on anything that comes from an unknown sender—or even from someone you do know— if you’re not expecting the message.

Ignore texts asking for money. Any unexpected text that leads to some form of money exchange is highly likely to be a scam. Contact your healthcare or insurance provider directly to ascertain the status of your account.

Potential exposure to a healthcare scam can be upsetting. However, Craig Kwiatkowski, chief information officer and senior vice president of Enterprise Information Services at Cedars-Sinai, notes that it’s important to remember your healthcare team is always on your side.

"Reach out to people you trust to determine whether a communication you have received is real," he said. "At Cedars-Sinai, we encourage people to contact us directly with their questions, and the same is true for any healthcare provider or insurer. Protecting patients is our number one priority."

Safeguarding Cedars-Sinai Patients

Cedars-Sinai is committed to shielding patients from healthcare scams. Our secure online health management tool, My CS-Link, uses access codes, personal IDs and personal passwords to ensure all health information is kept private. Each My CS-Link session is encrypted, and all communications take place while patients are logged on to our website.

Additionally, Cedars-Sinai emails sent from My CS-Link will only come from this address: MyCSLinkAlerts@mycslink.org. My CS-Link accounts can only be created at patients’ request.

Outside the My CS-Link environment, these basic guidelines can help patients avoid scammers’ malicious tactics:

  • Tread cautiously if you receive an unsolicited call from someone purporting to be from Cedars-Sinai.
  • Do not accept requests for remote access from any source you do not trust.
  • Do not take action if a caller, emailer or texter is engaging you with a sense of urgency or fear (perhaps insisting that your computer is infected or compromised and needs immediate attention).
  • Report suspicious communications that claim to be from Cedars-Sinai personnel to the Cedars-Sinai Help Desk by calling 310-423-6428 or emailing ir@cshs.org.