CMS warns of phishing fax scheme; AHA monitoring other reported social engineering schemes 

Jun 26, 2025 - 04:04 PM
Cybersecurity image of a digital lock

The Centers for Medicare & Medicaid Services today announced it has identified a fraud scheme targeting Medicare providers and suppliers. CMS said scammers are impersonating the agency, sending phishing fax requests for medical records and other documentation while falsely claiming to be part of a Medicare audit. CMS said it does not initiate audits by requesting medical records via fax. The agency advised against responding if someone suspects they received a suspicious request and to work with their medical review contractor to confirm the validity of the request. 
 
“In typical fashion, scammers are taking advantage of the latest headlines to steal funds and information from individuals and organizations,” said John Riggi, AHA national advisor for cybersecurity and risk.  
 
In addition to the fax scam, Riggi said the AHA continues to receive reports of increased social engineering schemes targeting hospital IT, human resources, vendor and patient portal help desks. “These schemes may involve a combination of phone, text and synthetic audio and video,” Riggi said. “Organizations should ensure strict multifactor authentication protocols are in place, train help desk staff on these schemes and enhance help desk challenge questions. If your organization becomes a victim of a social engineering scheme, report the incident to the FBI Internet Crime Complaint Center at www.ic3.gov.

For more information on this or other cyber and risk issues, contact Riggi at jriggi@aha.org. For the latest cyber and risk resources and threat intelligence, visit aha.org/cybersecurity

Related News Articles

Headline
Study finds less than 40% of Medicare beneficiaries with OUD receive standard care
A Health Affairs study published Sept. 2 found that less than 40% of Medicare beneficiaries with opioid use disorder received standard care in alignment with…
Headline
Agencies release guidance on software for widespread cybersecurity improvement
The Cybersecurity and Infrastructure Security Agency, National Security Agency and international agencies Sept. 3 released joint guidance outlining a “software…
Headline
AHA study finds HOPDs treat sicker patients than independent physician offices
The AHA Sept. 3 released a study conducted by KNG Health Consulting that found Medicare patients who receive care in a hospital outpatient department are more…
Headline
Advisory warns of activity by Chinese state-sponsored cyber actors
Chinese state-sponsored cyber actors are maliciously targeting networks globally, including telecommunications, government and others, according to a joint…
Headline
AHA praises legislation extending incentive payments for Medicare Advanced Alternative Payment Models
The AHA Aug. 28 expressed support for the Preserving Patient Access to Accountable Care Act in comments to House and Senate sponsors of the bill. The…
Blog
Setting the Record Straight: Separating Fact from Fiction on Health Insurance Marketplace Fraud
Public
The Paragon Health Institute has published a series of new reports once again alleging large-scale “fraud” in health care. This time their target is enrollment…