Scam of the day – August 9, 2023 – MyChart Phishing Scam

by | Aug 8, 2023 | Scam of the day

Phishing emails, by which scammers and identity thieves attempt to lure you into either clicking on links contained within the email which download malware or providing personal information that will be used to make you a victim of identity theft, are nothing new.   They are a staple of identity thieves and scammers and with good reason because they work. Reproduced below is a copy of a phishing email  that appears to come from MyChart.  MyChart is an online platform that allows you to communicate with your health care provider about a wide range of matters including scheduling appointments and reviewing your prescriptions.  MyChart and other online medical platforms became even more popular during the pandemic.

This is a very convincing phishing email.  It contained the first name of the Scamicide reader who forwarded it to me.  I have blocked out the name to protect the reader’s privacy.  I also have disarmed the links contained in the email which, if clicked on, would have taken you to an official appearing site where you would have been prompted to provide your username and password.  Providing this information to a scammer would result in identity theft.

Here is a copy of the MyChart phishing email presently being circulated

 

MyChart

Hello XXXX,

You have a new message in MyChart! Please sign in to read your message.

Thanks for using MyChart



Sign In to MyChart

MyChart is available on the go!
Available on the App Store Android app on Google Play
To change what notifications you receive and how you receive them,
log in to MyChart and choose Notifications from the Preferences menu

TIPS

This is a particularly insidious phishing email because the email address from which it was sent could appear to be legitimate and is not one that is obviously an email address of someone whose email account was hacked and made a part of a botnet of computers used to send out such phishing emails.  Also, the targeted victim’s name was included in the email.

As with all phishing emails, two things can happen if you click on the links provided.  Either you will be sent to a legitimate looking, but phony website where you will be prompted to input personal information that will be used to make you a victim of identity theft or, even worse, merely by clicking on the link, you may download keystroke logging malware that will steal all of your personal information from your computer or smartphone and use it to make you a victim of identity theft.

If you receive an email like this and think it may possibly be legitimate, merely call your health care provider where you can confirm that it is a scam, but make sure that you dial the telephone number correctly because scammers have been known to buy phone numbers that are just a digit off of legitimate numbers to trap you if you make a mistake in dialing the real number.

If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is sign up for free using this link. https://scamicide.com/scam-of-the-day/