May 31, 2019
Area(s) of Interest: Fraud & Abuse
Health Net Federal Services (HNFS) recently notified providers about an email phishing scam targeting TRICARE West Region providers. The scam involves using a spoofed HNFS website in an attempt to acquire providers’ email addresses and passwords.
Providers have reported receiving emails from an organization pretending to be “TRICARE West” or HNFS (for example, “firstname.lastname@example.org” or “Tricare-west Healthnet”). The email instructs the recipient to log in to “your account” to review account information. Upon clicking a link, the recipient is redirected to a fake website that mimics the official HNFS website. The recipient is asked to verify his/her identity by entering in his/her email address and email address password. The scammers can then use this information to try and access your email account or other online accounts.
HNFS reminds physicians that while they may send emails about your tricare-west.com account, they we will never ask you to provide passwords associated with personal or professional email addresses (for example, Yahoo Mail, Gmail, Outlook). You will only ever be asked to enter the username and password specific to www.tricare-west.com to access secure tools on the website.
If you receive a suspected phishing email, do not open any attachments or click on any links. If you need to verify tricare-west.com account information, access the website directly from your web browser.
HNFS offers multiple ways for providers and beneficiaries to report suspected fraud:
- Online: Using the HNFS Report Fraud or Abuse function
- Phone: HNFS’ Fraud Hotline at (844) 886-2206
- Email: Program.Integrity@healthnet.com
- Fax: (844) 734-1266
- Mail: HNFS Program Integrity, PO Box 10310, Virginia Beach, VA 23450-10310