SCARS Institute’s Encyclopedia of Scams™ Published Continuously for 25 Years
FBI Warning: Cybercriminals are Targeting Plastic Surgery Offices and Patients for Extortion
FBI WARNING Alert Number: I-101723-PSA – October 17, 2023
SCARS Introduction to FBI Warning:
The FBI Warning is about Cybercriminals are increasingly targeting plastic surgery clinics in order to hack into their databases and access patient files. The goal of these attacks is often to extort money from the clinics or their patients.
Cybercriminals use a variety of methods to hack into plastic surgery clinics, including phishing attacks, ransomware attacks, and software vulnerabilities. Once they have gained access to a clinic’s database, they can steal patient files that contain sensitive information such as names, addresses, phone numbers, email addresses, medical records, and before-and-after photos.
The FBI warns that Cybercriminals then use this information to extort money from the clinic or its patients. They may threaten to release the sensitive information to the public, sell it to third parties, or use it to commit identity theft.
In some cases, cybercriminals may also target individual patients directly. They may contact patients via email or social media and threaten to release their sensitive information if they do not pay a ransom.
Plastic surgery clinics are particularly vulnerable to cyberattacks because they often store a large amount of sensitive patient data. Additionally, many plastic surgery clinics are small businesses that may not have the resources to invest in robust cybersecurity measures.
FBI Warning About Plastic Surgery Extortion
The FBI is warning the public about cybercriminals who target plastic surgery offices, surgeons, and patients to harvest personally identifiable information and sensitive medical records, including sensitive photographs in some instances. Once successful, cybercriminals use social engineering techniques to enhance the harvested data and extort individuals for cryptocurrency.
FBI Warning about this Scan
- Phase 1 – Data Harvesting
Using technology to disguise their phone numbers and email addresses (“spoof”), cybercriminals use phishing to deploy malware to plastic surgery offices. Once successful, cybercriminals harvest electronically protected health information (ePHI), which includes sensitive information and photographs.
- Phase 2 – Data Enhancement
Cybercriminals use open-source information, including social media, and social engineering techniques to enhance the harvested ePHI data of plastic surgery patients. Cybercriminals use the enhanced data as leverage for extortion in Phase 3 and may use it for other fraud schemes.
- Phase 3 – Extortion
Cybercriminals contact plastic surgeons and their patients via social media accounts, emails, text messages, or messaging apps, and ask for payment to prevent sharing of their ePHI. To exert pressure on victims for extortion payments, cybercriminals share the sensitive ePHI to victims’ friends, family, or colleagues, and create public-facing websites with the data. Cybercriminals tell victims they will remove and stop sharing their ePHI only if an extortion payment is made.
Tips To Protect Yourself
- Review profile settings in your social media accounts to strengthen privacy. Preferably, make your account private and limit what can be posted by others on your profile. Audit friend lists to ensure they consist of and are visible to people you know. Only accept friend requests and follow from people you know. Enable two-factor authentication to log in.
- Secure accounts (e-mail, social media, financial, bill pay) by creating unique and complex passwords for login; consider using a password manager to help you remember them.
- Monitor bank accounts and credit reports for any suspicious activity; consider placing a fraud alert or security freeze on your credit reports to prevent unauthorized access.
Report It
The FBI requests victims report these fraudulent or suspicious activities to the FBI IC3 at www.ic3.gov. Be sure to include as much information as possible.
- The name of the person who contacted you.
- Method of communication used, to include websites, emails, and telephone numbers.
- The wallet address(es) or bank account number(s) for extortion payments and recipient name(s), if provided.
If the crime involves cryptocurrency it should also be reported to the U.S. Secret Service – visit reporting.AgainstScams.org to learn more.
More:
- Cybercriminals are Targeting Plastic Surgery Offices and Patients (ic3.gov)
- Cybersecurity Failure Is Inevitable – Plan For It (scamsnow.com)
- Law Enforcement: What is the Difference Between the FBI, Europol, Interpol, and the NCA? (romancescamsnow.com)
- The FBI Is International (romancescamsnow.com)
- Qakbot Botnet Infrastructure Shattered After An International Operation Led By FBI/Europol Takes It Down (scamsnow.com)
- Cryptocurrency Recovery Alert from the FBI (scamsnow.com)
- Scams and Cryptocurrency Go Hand in Hand (scamsnow.com)
- Government Impersonation Scams Are On The Rise! (scamsnow.com)
-/ 30 /-
What do you think about this?
Please share your thoughts in a comment below!
Table of Contents
- A Warning About A New Scam That Involves Hacking Plastic Surgery Clinics And Extorting Money From Their Patients
- FBI Warning: Cybercriminals are Targeting Plastic Surgery Offices and Patients for Extortion
- SCARS Introduction to FBI Warning:
- FBI Warning About Plastic Surgery Extortion
- Tips To Protect Yourself
- Report It
- More:
Rapid Report Scammers
In the U.S. & Canada
U.S. & Canada Suicide Lifeline 988
LEAVE A COMMENT?
Recent Comments
On Other Articles
- SCARS Institute Editorial Team on Danielle Delaunay/Danielle Genevieve – Stolen Identity/Stolen Photos – Impersonation Victim UPDATED 2024: “We highly recommend that you simply turn away form the scam and scammers, and focus on the development of a…” Feb 4, 19:47
- on The Art Of Deception: The Fundamental Principals Of Successful Deceptions – 2024: “I experienced many of the deceptive tactics that romance scammers use. I was told various stories of hardship and why…” Feb 4, 15:27
- on Danielle Delaunay/Danielle Genevieve – Stolen Identity/Stolen Photos – Impersonation Victim UPDATED 2024: “Yes, I’m in that exact situation also. “Danielle” has seriously scammed me for 3 years now. “She” (he) doesn’t know…” Feb 4, 14:58
- on An Essay on Justice and Money Recovery – 2026: “you are so right I accidentally clicked on online justice I signed an agreement for 12k upfront but cd only…” Feb 3, 08:16
- on The SCARS Institute Top 50 Celebrity Impersonation Scams – 2025: “Quora has had visits from scammers pretending to be Keanu Reeves and Paul McCartney in 2025 and 2026.” Jan 27, 17:45
- on Scam Victims Should Limit Their Exposure To Scam News & Scammer Photos: “I used to look at scammers photos all the time; however, I don’t feel the need to do it anymore.…” Jan 26, 23:19
- on After A Scam, No One Can Tell You How You Will React: “This article was very informative, my scams happened 5 years ago; however, l do remember several of those emotions and/or…” Jan 23, 17:17
- on Situational Awareness and How Trauma Makes Scam Victims Less Safe – 2024: “I need to be more observant and I am practicing situational awareness. I’m saving this article to remind me of…” Jan 21, 22:55
- on Scam Grooming: Finding Common Interests: “I was definitely groomed by the scammer. My Facebook profile lists me as single and if research is done on…” Jan 21, 14:23
- on KNOW YOUR ENEMY: Tessa Fowler – A Favorite Of African Scammers: “There is a very obvious catfish profile of this girl in Instagram by the name Olivia022. There’s only 2 photos…” Jan 20, 16:24
ARTICLE META
Important Information for New Scam Victims
- Please visit www.ScamVictimsSupport.org – a SCARS Website for New Scam Victims & Sextortion Victims
- Enroll in FREE SCARS Scam Survivor’s School now at www.SCARSeducation.org
- Please visit www.ScamPsychology.org – to more fully understand the psychological concepts involved in scams and scam victim recovery
If you are looking for local trauma counselors please visit counseling.AgainstScams.org or join SCARS for our counseling/therapy benefit: membership.AgainstScams.org
If you need to speak with someone now, you can dial 988 or find phone numbers for crisis hotlines all around the world here: www.opencounseling.com/suicide-hotlines
A Note About Labeling!
We often use the term ‘scam victim’ in our articles, but this is a convenience to help those searching for information in search engines like Google. It is just a convenience and has no deeper meaning. If you have come through such an experience, YOU are a Survivor! It was not your fault. You are not alone! Axios!
A Question of Trust
At the SCARS Institute, we invite you to do your own research on the topics we speak about and publish, Our team investigates the subject being discussed, especially when it comes to understanding the scam victims-survivors experience. You can do Google searches but in many cases, you will have to wade through scientific papers and studies. However, remember that biases and perspectives matter and influence the outcome. Regardless, we encourage you to explore these topics as thoroughly as you can for your own awareness.
Statement About Victim Blaming
SCARS Institute articles examine different aspects of the scam victim experience, as well as those who may have been secondary victims. This work focuses on understanding victimization through the science of victimology, including common psychological and behavioral responses. The purpose is to help victims and survivors understand why these crimes occurred, reduce shame and self-blame, strengthen recovery programs and victim opportunities, and lower the risk of future victimization.
At times, these discussions may sound uncomfortable, overwhelming, or may be mistaken for blame. They are not. Scam victims are never blamed. Our goal is to explain the mechanisms of deception and the human responses that scammers exploit, and the processes that occur after the scam ends, so victims can better understand what happened to them and why it felt convincing at the time, and what the path looks like going forward.
Articles that address the psychology, neurology, physiology, and other characteristics of scams and the victim experience recognize that all people share cognitive and emotional traits that can be manipulated under the right conditions. These characteristics are not flaws. They are normal human functions that criminals deliberately exploit. Victims typically have little awareness of these mechanisms while a scam is unfolding and a very limited ability to control them. Awareness often comes only after the harm has occurred.
By explaining these processes, these articles help victims make sense of their experiences, understand common post-scam reactions, and identify ways to protect themselves moving forward. This knowledge supports recovery by replacing confusion and self-blame with clarity, context, and self-compassion.
Additional educational material on these topics is available at ScamPsychology.org – ScamsNOW.com and other SCARS Institute websites.
Psychology Disclaimer:
All articles about psychology and the human brain on this website are for information & education only
The information provided in this article is intended for educational and self-help purposes only and should not be construed as a substitute for professional therapy or counseling.
While any self-help techniques outlined herein may be beneficial for scam victims seeking to recover from their experience and move towards recovery, it is important to consult with a qualified mental health professional before initiating any course of action. Each individual’s experience and needs are unique, and what works for one person may not be suitable for another.
Additionally, any approach may not be appropriate for individuals with certain pre-existing mental health conditions or trauma histories. It is advisable to seek guidance from a licensed therapist or counselor who can provide personalized support, guidance, and treatment tailored to your specific needs.
If you are experiencing significant distress or emotional difficulties related to a scam or other traumatic event, please consult your doctor or mental health provider for appropriate care and support.
Also read our SCARS Institute Statement about Professional Care for Scam Victims – click here to go to our ScamsNOW.com website.
Thank you for your comment. You may receive an email to follow up. We never share your data with marketers.