Gardaí probe reports of scammers with personal info attempting to dupe people into giving bank details

Robin Schiller

May 24 2021 03:08 PM

Gardaí have received reports of fraudsters with access to personal and medical information attempting to dupe people into handing over their bank details.

The scam, involving a caller purporting to be from a Dublin hospital, has seen people asked for their bank account number on the pretence of offering a refund for overcharging them.

The caller also has knowledge of the victim’s personal details including their date of birth, PPS number and the length of their hospital stay.

Gardaí have received a number of reports in relation to the scam and are appealing for anyone who is a victim of a cyber crime to report it to their local garda station.

The matter is now under investigation but it has not yet been established if it is directly linked to the HSE hack, or part of a separate scam.

The gang involved in the cyber attack on the health service had warned that they would leak the stolen material today if their ransom demands were not met.

Specialist detectives are continuing to trawl the dark web but are not aware of any stolen health service data being dumped online.

However, they are anticipating the data being either released online or sold on to other scammers.

The Government has repeatedly stated that it will not pay any sum demanded by the criminals.

A hacking group known as ‘Wizard Spider’, based in Russia, are believed to be behind in the cyber attack.

The FBI have also issued an alert saying that the Conti ransomware gang have been involved in 16 attacks on US emergency facilities in the last year.

This includes hospitals, law enforcement agencies, first responder networks and 911 dispatch centres, with the cyber criminals targeting over 400 organisations worldwide.

In its alert the FBI warned that stolen data is sold or published online, with ransom amounts varying widely and assessed to tailor each victim.

“If the victim does not respond to the ransom demands two to eight days after the ransomware deployment, Conti actors often call the victim using single-use Voice Over Internet Protocol (VOIP) numbers.

“The actors may also communicate with the victim using ProtonMail, and in some instances victims have negotiated a reduced ransom,” the FBI’s Cyber Division warned.

The Garda National Cyber Crime Bureau is continuing its criminal investigation into the attack and are continuing to examine small amounts of data which circulated online last week, allegedly from the HSE hack.

“In general, our crime prevention advice has been and remains - if you are contacted by persons stating that they have your personal details and/or looking for bank account details you should not engage or provide any personal information,” they said in a statement over the weekend.

“An Garda Síochána is encouraging people to report suspected breaches of personal data, which will be examined by specialist investigators. Such reports will be handled in a sensitive manner,” they added.