Combating medical data theft

Proactive strategies for benefits administrators and participants to stay ahead of emerging security threats.


In 2024, over 300 million patient records were compromised — a 26% increase from the previous year.¹ While this number is concerning, it also represents an opportunity. It’s a chance for organizations across the healthcare and benefits ecosystem to take action, strengthen protections and reassure participants that their information is in trusted hands.

For benefits administrators, this isn’t just a matter of technology. It’s about creating a culture of security, making informed choices, and proactively educating participants on how to protect themselves in an increasingly complex digital environment.

The value of medical data and why it’s targeted

Healthcare data is rich in detail: names, Social Security numbers, policy details, diagnoses, and even financial information. That’s why cybercriminals go after it, and why benefits administrators must be part of the solution.

Unlike a stolen credit card that can be quickly canceled, medical records are virtually permanent and 50 times more valuable on the dark web. Once stolen, this information can be exploited to create synthetic identities, file fraudulent insurance claims, or even gain access to prescription drugs.

Worse, when these records are manipulated, they can corrupt a patient’s medical history. This can lead to misdiagnoses, delays in care, or even inappropriate treatments. Victims often face years of cleanup, tangled in bureaucracy and bearing both financial and emotional costs.

Common threats to be aware of

Cybercriminals are constantly evolving their tactics. Some of the most effective threats rely not on breaking into systems, but on manipulating people. These social engineering scams exploit human trust and urgency rather than software vulnerabilities, making them especially dangerous. Here are some of the most common methods individuals should be on the lookout for:

Impersonation scams

Scammers may pose as trusted institutions — such as a bank, employer, or even a benefits provider — using fake caller IDs or realistic emails and texts. They often claim there’s suspicious activity on the account and pressure the accountholder to take immediate action, such as making a payment or sharing sensitive information. Their goal is to create panic and urgency so that the accountholder bypasses normal verification steps.

Smishing and phishing

Fraudsters frequently use email (phishing) or text messages (smishing) to trick individuals into clicking malicious links or sharing login credentials. These messages often appear to be from a known service like a delivery company, toll road provider, or internal department. Once you click the link or provide details, attackers can hijack your accounts or steal your identity.

Fake deposit and overpayment scams

On social media and other platforms, scammers may pose as buyers, employers, or even charitable organizations, offering to send you money. Often, they send a check or digital payment that initially appears to clear, then ask you to send back part of the money. Eventually, the payment fails, leaving you responsible for the full amount you returned.

Investment and payment scams

Too-good-to-be-true investment opportunities, particularly those demanding payment in cryptocurrency or gift cards, are a red flag. Scammers may promise high returns or urgent benefits but ultimately leave victims with financial losses and no recourse.

Participant awareness and education are the key to fraud risk mitigation

The single most important tool in preventing fraud is awareness. When armed with the right knowledge, participants have the power to thwart these attacks.

As a benefits administrator, you can provide clear, practical guidance on how to recognize and respond to potential fraud. Remind participants never to share a one-time passcode (OTP) or password with anyone — even if the request appears to come from a trusted source. They should be wary of unsolicited emails, texts, or phone calls that ask for account information. And if they ever feel unsure, they should contact their benefits provider directly using the number listed on the back of their benefits card or other official materials.

Ongoing education can make a significant difference. Look for opportunities to embed fraud awareness into existing communication channels such as open enrollment packets, digital portals, email newsletters, or internal chat tools. Hosting brief webinars or lunch-and-learn sessions with your IT or cybersecurity teams can help reinforce these messages and answer questions in real time.

Promoting strong habits and protective tools

You can also help participants stay ahead of threats by promoting strong credential habits. Encourage the use of unique, complex passwords and support multifactor authentication (MFA) where available. This simple shift can significantly reduce the risk of unauthorized account access, especially since password reuse remains one of the most common security vulnerabilities.

As part of your overall benefits strategy, consider incorporating identity protection or fraud monitoring services. In collaboration with Mastercard, Alegeus is proud to offer our partners and their participants HealthLock, which includes account monitoring, proactive notifications, member support and more. These tools offer an added layer of defense and peace of mind.

Finally, make sure your customers know exactly how to report suspicious activity. Provide clear steps and contact information, and emphasize that it’s always better to raise a concern early, even if it turns out to be a false alarm.

For more shareable tips, check out our article, “Reducing fraudulent account takeover risk.”

Shared responsibility, trusted partnership

Cybersecurity doesn’t have to be overwhelming. With thoughtful planning and proactive education, benefits administrators can play a pivotal role in reducing fraud risk and reinforcing participant trust.

By moving beyond compliance checklists and embracing a more holistic, human-centered approach to data protection, you’re not just shielding information — you’re safeguarding health, peace of mind, and the integrity of the benefits experience.

 

¹Source: 2025 Mastercard data.