Medical society meetings are increasingly facing online attacks from fraudsters looking to gain information about their attendees, or even access to their email accounts.
A “fraud alert” published on the American Society for Reproductive Medicine (ASRM) website in late September warned members to watch out for emails from scammers. Many involve phishing scams offering attendee lists to members planning to go to this month’s Scientific Congress in Baltimore.
“If you receive an e-mail solicitation offering a pre-attendee or attendee e-mail meeting list,” the alert said, “do not respond and delete it immediately. This is a phishing scam and attempt to gain information and entrance into your email portal.”
These kinds of emails are one way scammers are targeting medical meetings, which are increasingly being held in-person once again following a pandemic-induced moratorium. These attacks are not new, but are more aggressive, according to ASRM.
“It’s another battlefield for cyber warfare,” said Paul Jordan, who directs IT for the society. “They’re not going to go away. It’s a constant moving target.”
ASRM has seen a heightened volume of scamming this year, said Jordan and Sean Tipton, the organization’s chief advocacy, policy, and development officer. Tipton attributed this increase to the roughly 18-month hiatus separating in-person meeting seasons, speculating that many scammers are trying to make up for the consequent lost revenue.
Meeting registrants are curious who else will be there, he noted, making attendee lists valuable. But such scams usually involve touting lists they do not actually have, said Jordan and Tipton. While associations such as ASRM keep lists of attendees for planning purposes, they typically do not sell or otherwise share them.
Other fraudsters have taken to different tactics.
“Look Before You Book Your Hotel,” advised the headline of a recent email sent by the American College of Emergency Physicians (ACEP) to members planning to attend their upcoming scientific meeting in Boston. Scammers have been trying to fool members into making nonexistent hotel reservations via email, among other methods, according to ACEP.
“A number of fraudulent registration and housing websites posing as ACEP continue to emerge each year. Some fraudulent sites may be sending emails directly to you, or are paying to be within a Google search result so you register or book your hotel with them,” ACEP said in its email.
Scammers have also crafted fake meeting websites, which can show up in Google searches, in part because Google accepts their revenue to advertise the phony sites, Jordan noted.
Scammers often fool people by changing one letter (especially in the association website’s domain) and stealing graphics from the actual associations to use in emails, Jordan and others said.
Email is not a new scam tactic when it comes to medical meetings, Tipton said, estimating that fraudsters have been targeting medical meetings for at least a decade.
Scammers have leveraged email and association memberships to target healthcare workers in other arenas too. The American Medical Association (AMA) sent a “security alert” to members in January, noting that scammers were posing as AMA’s then-current president, Susan Bailey, MD, and past president Patrice Harris, MD, in messages to foreign providers, soliciting their applications for healthcare jobs in the U.S. The AMA reported the emails to the FBI, according to its alert.
Scientist and author Adam Ruben, PhD, cited other scam email commonalities — including excessive flattery, overstating the conference’s significance, and urgently demanding a reply without explanation — in a Science column about his experience being solicited to present at “predatory conferences.”
Society leaders typically post blogs and social media messages, or email members, to warn them about such scams. ASRM also asks Google to remove the ads for phony sites, Jordan said. Google obliges, but the ads have a tendency to “pop back up” later.
ACEP encourages members to look for the official hotel reservation vendor’s logo when booking hotel rooms, pasting this logo in its email warning. ASRM uses the same website domain for its meeting every year, Jordan noted, and reminds members to trust only that URL.
“We try to educate our members and attendees so they know it’s out there,” Tipton said. But there is not much else they can do to prevent scammers from attacking members — especially those prominent enough to have their names and contact information available online.
“People are upset if they get scammed, but there’s not much we can do for them,” he added.
“I don’t think it will ever end,” lamented Jordan.
“It’s not the kind of thing individual organizations who set up meetings are going to be able to tackle. I think it’s a much bigger issue than that; it is really hard to stay a step ahead of these folks,” Tipton noted. “Individual attendees have to be attentive.”
ACEP and Meeting Professionals International, which runs a medical and healthcare community, did not return requests for comment.
Last Updated October 14, 2021
Source: MedicalNewsToday.com
