The Texas Medical Association warns physicians to be on alert for scammers pretending to be affiliated with TMA, a TMA-authorized vendor, or a county medical society (CMS) following recent phishing attacks.
These cyberattacks utilize fake invoices disguised as genuine communications to trick receivers into providing sensitive information, such as bank details, credit card numbers, personal identity data, and passwords. These messages frequently include language to pressure recipients to take quick action, such as “immediate action required” or “urgent” within the email’s subject line.
Below is a copy of the latest email scam circulating to CMS members across the state:
Hello [Name]
I am currently out of the office and have limited access to my phone. Could you manage an operating expense for us with one of the following payment methods: Zelle, Apple Pay, ACH, wire transfer, or PayPal?
Because [name] is not available to handle it right now, please let me know if you can assist so that I may email you the vendor's payment details; I will process your refund once the treasurer is available.
Warm regards,
[Name]
Often, these emails use logos and branding of well-known companies to impersonate businesses or known individuals – especially those in leadership positions – to steal money, says John Dorman, TMA chief operating officer and director of administrative services.
Mr. Dorman cautions that official communication from CMS representatives or TMA will almost always include an organization specific email domain, such as TMA’s texmed.org. However, legitimate addresses can be hacked. Mr. Dorman suggests always calling the supposed individual to verify an email’s legitimacy, especially if the communication asks for financial or private contact information.
“If you can’t get ahold of the sender, don’t send the money,” Mr. Dorman said. “And remember: TMA or your CMS will never send you a request asking you to make an operating expense payment on our behalf.”
Other recent scams targeting physicians include calls, emails, and even faxes from criminals pretending to be the U.S. Drug Enforcement Administration, FBI personnel, or Texas Medical Board employees. These emails usually demand money to reinstate a license or threaten enforcement action unless the physician or practice pays a fine.
Shannon Vogel, TMA’s associate vice president of health information technology, recommends physicians report such fraud directly to the Federal Trade Commission. She also warns that phishing scams, especially those utilizing artificial intelligence platforms like ChatGPT, are becoming “more difficult to catch,” and suggests examining the tone of the email to check if it matches how the sender usually speaks.
She also recommends physicians:
- Avoid opening email attachments from unknown, suspicious, or untrustworthy sources;
- Ignore emails with questionable subject lines;
- Exercise caution when downloading files from the internet and make sure the website is legitimate and reputable;
- Contact a company via its published customer service contacts to find out whether an email is legitimate before taking the requested action or clicking on any link; and
- Use two-factor authentication to access their own accounts to mitigate unauthorized access.
TMA offers information regarding common scams, including how to navigate suspicious mailing lists and websites.
Physicians also can receive cyber consulting services and cyber liability coverage from the Texas Medical Liability Trust, which typically includes network security and privacy-related exposures such as lost or stolen laptops or theft of patient data.
Alisa Pierce
Reporter, Division of Communications and Marketing
(512) 370-1469