According to Washington University School of Medicine Protective Services, the WUSM Physical Therapy department received a call from someone impersonating the DEA to steal personally identifiable information.
In the call, they claimed to be an investigator from the DEA headquarters, saying that a nurse practitioner had reported fraud under their name, medical license number, and NPI number. The caller also provided a callback number. Wisely, the employee who received the call suspected a scam, so she notified her manager. Her hunch was correct, and Protective Services told the department not to cooperate should the “investigator” call back. Protective Services thinks the scammer’s goal was to get the nurse practitioner’s information and eventually extort money from her to “clear her name.”
The target of the scam was right to contact their manager with their suspicions. If you suspect you’re getting a phone call like this, Protective Services asks you to get as much information as possible from the caller. Using caller ID, try to write down the caller’s number. You can ask for a callback number by telling the scammer that you must contact management first. In this case, the scammers gave a Voice over Internet Protocol (VOIP) callback number, which is not something the DEA would use. Red Flag!
If you are a manager, notify Protective Services or other law enforcement. In this situation, the manager contacted Protective Services who then reported the scam to the FBI at www.ic3.gov on their behalf.
For more information about DEA impersonation scams, you can read our previous article on DEA Impersonation.
Additional Resources
Phishing | Office of Information Security | Washington University in St. Louis
Phishing 101 | Office of Information Security | Washington University in St. Louis
Vishing | Office of Information Security | Washington University in St. Louis (wustl.edu)
Protect Yourself from Social Engineering