Hackers targeting your pharmacy account to steal prescription drugs

When you need medication, you need to go to a doctor, get a prescription, and pick up the medication from a pharmacy. It is a regulated industry, and for the most part healthcare workers must follow strict guidelines. Picking up medicine for a parent or child? Tap or click for a free tool to save money.

As you know, some drugs are highly sought after by people without a prescription. Cybercriminals have found a backdoor way to obtain these drugs by targeting your online pharmacy accounts.

Keep reading to find out how they cope and how to protect your accounts.

Here is the backstory

Criminals no longer need to steal a doctor’s prescription pad or forge signatures to get their hands on controlled substances. Instead, they turn to technology.

Cybersecurity firm Kasada recently discovered that cybercriminals were using a technique known as credential stuffing to take control of pharmaceutical accounts. This helps them steal prescription drugs.

So what is credential stuffing? It’s when cybercriminals take stolen account credentials, usually as a result of massive data breaches, and use them with automated account-hacking tools to break into other online accounts.

They recently used this technique on pharmacy websites, hoping to take over the accounts of unsuspecting victims to steal prescription drugs. Once an account is taken over, hackers have access to active prescriptions. They can change the account shipping address to have the drugs sent to them, or they can sell the information on the black market.

“This activity is both illegal and dangerous. It puts drugs in the hands of people who don’t have a doctor’s prescription and allows drug addiction. It also takes away prescribed medication from people who legitimately need it,” Kasada explains in a blog post.

Some of the most sought after drugs are Adderall and Oxycodone, both very addictive. Kasada notes a fivefold increase in accounts stolen in the past 60 days. And no one is safe as criminals target customers of the 10 largest US pharmacies.

What can you do about it

As mentioned, criminals primarily pull off these prescription break-ins using credentials stolen from data breaches. They can buy stolen credentials cheaply on the Dark Web.

So, the best way to avoid having your pharmacy account taken over is to never use the same account credentials across multiple sites. Also, it would be helpful to know if you have ever been part of a data breach. The HaveIBeenPwned site will help you find out. Tap or click here for instructions on using HaveIBeenPwned.

There are other things you can do to stay protected. Here are some suggestions:

  • Use unique and strong passwords for each online account. If you use the same password for multiple accounts and one of them gets hacked, criminals will use the stolen credentials to access your other accounts.
  • Change your passwords often, at least once every two months. And make them as strong and safe as possible. Tap or click for help creating better passwords.
  • Enable two-factor authentication (2FA) for all of your online accounts that offer it. This will make it harder for hackers to access your accounts. Tap or click here to discover the benefits of 2FA.
  • Always have a trusted antivirus program updated and running on all your devices. This helps prevent hackers from stealing your credentials. We recommend our sponsor, AV total. Right now, get an annual plan with TotalAV for just $19 at ProtectWithKim.com. That’s over 85% off the regular price!

keep reading

Check your closet! 63 drugs recalled for possible contamination

Receive your prescriptions by mail? Your medications could be at risk

Comments are closed.