(CBS) — A warning about a new scam which fools people because it sounds so legitimate.
It starts when you get a call from someone who knows all about your medical records and what medications you take. That is the hook.
The caller then tries to get critical information from you: your bank account number. CBS 2 Investigator Dave Savini explains the next step in this Original Report.
Chris Carlin received a series of suspicious phone calls last month from someone claiming to be with the health department.
“They are trying to use me for something and that to me is frightening,” said Carlin.
The caller had her cell phone number and had information Carlin said only she and her doctor knew. The Naperville mom says the callers even knew about a prior miscarriage that only her doctor knew about at Advocate Good Samaritan Hospital in Downers Grove.
“This is stuff they had no business knowing,” said Carlin.
The caller claimed Carlin was entitled to a financial award if she joined a class-action lawsuit involving the anti-nausea drug called Zofran for alleged birth defects and side effects. They knew she had a prescription for the drug.
“I said, ‘Leave me alone,’ and I hung up,” said Carlin. “And a third person calls – it was crazy.”
Gisela Cabrera says she received similar calls from area codes all over the world.
“This, one of the numbers, it was from Kenya,” said Cabrera.
In her case, the caller also knew about her prior medical procedures and use of Zofran.
“Basically they were asking for my information, so I could be in the class-action lawsuit,” said Cabrera. “They had all my information.”
Cabrera’s doctor also works at an Advocate-owned hospital – Illinois Masonic in Chicago. She and Carlin both wonder if the phone scammers got their medical records from a 2013, widely reported patient data breach they were both victims of within the Advocate chain.
Todd Kossow is with the Federal Trade Commission.
“It could be some sort of data breach,” Kossow said about what may have led to the calls.
Kossow says knowledge of your medical records can make scammers sound more legitimate over the phone.
“They want the consumer to believe that they are with some state or federal health department,” said Kossow.
He says the agency is investigating other similar complaints, and that ultimately the bad guys are after the numbers to your bank account which they will attempt to drain.
“Those sorts of government agencies are never going to call you and ask you to give up your personal information or your bank account,” said Kossow.
“I said this is protected information,” said Carlin. “This is something you shouldn’t have access too. I want to know how you got it.”
There’s an investigation by Advocate. A spokesman says they will take action to determine what occurred, but says the computers involved in the data breach did not include medical records used in the calls.
The FTC wants to know how this happened too. If you have been a victim, you can file an FTC complaint here.