Notice of ransomware scam targeting plastic surgeons
Please read: Fraudulent ransomware targets plastic surgeons
There has been a concerted attack on plastic surgeons via phone solicitation and email from a group posing as ABPS Board Office employees attempting to send "Certification data, information or booklets."
Individuals are posing under the names "Stephan Kash" and "Gary Hanuscin," which are altered versions of the names of ABPS staff members. The individuals will also spoof the Board's name, contact information and e-mail signature. The callers use publicly available phone numbers to contact individual clinical offices to request an email address over the phone. Alert your office staff now NOT to provide your email address over the phone.
Once the attacker has an email address, an attachment/link is then sent to the surgeon – which appears to come from the Board Office. Surgeons have opened this email attachment/link which launches the ransomware and combs the surgeon's network for patient data and photos. This then leads to an extortion attempt to release that data.
- Do NOT provide your email address over the phone to any caller – inform your staff as well.
- Do NOT open any unsolicited attachments – delete the email.
If you open the attachment:
- Turn off your internet connection immediately to halt the malware attack on the network.
- File an IC3 report with the FBI at https://www.ic3.gov/Home/FileComplaint.
- Contact the ABPS Office – the office will also report the incident to the FBI and connect you with the agent working on the investigation. FBI agents may need to come to your physical location to investigate the network or will assist you in sharing event logs to evaluate the incident.
- Institute an Incident Response Team – reach out to your legal counsel or malpractice insurance company for a recommendation. This response team will work with you to re-establish your network.
The attackers do not have access to ABPS data – they simply call a published office phone number and request an email address over the phone. Physicians who are not affiliated with the ABPS have also received such calls.
Please alert your office staff that the Board Office will not call to "forcibly" send you an email. The Board Office will call diplomates only to remind them of deadlines when approaching the last year of certificate expiration. Diplomates can log into their tracking page on the Board's website to access Continuous Certification information at any time. If in doubt, the Board Office staff can be reached at (215) 587-9322.
If you receive, or have already received, a call and e-mail described as above, please let the Board know at email@example.com. As always, should you have any questions or concerns, please do not hesitate to reach out to the Board Office at (215) 587-9322 or firstname.lastname@example.org.