Don't ask the federal government how much money citizens are losing to Obamacare Internet scams. Tracking the dollars stolen through fake exchanges and other sites that prey on insurance applicants apparently is not under the administration's jurisdiction.
The criminals are on top of it though.
Even before the $400 million official HealthCare.gov marketplace opened on Oct. 1, potentially fraudulent sites had reserved various incarnations of "Obamacare" for their homepage name, according to Web researchers. As of Wednesday afternoon, there were about 700 copycat sites, said John C. A. Bambenek, who watches abnormal online activity for the nonprofit Internet Storm Center.
The expectation is that some of these webpages are for hosting bogus insurance marketplaces.
“The real fraud is so-called fake exchanges . . . entities that set up what appear to be exchanges, but are not, with a link to provide your personal data and/or payment,” said Mark Rasch, former head of the Justice Department’s computer crime unit.
Soon, “phishing” emails, trick text messages and sham phone calls will direct you to online forms where you essentially enroll your personal information with identity thieves.
But the FBI, Federal Trade Commission and Health and Human Services Department each say following the money is not their agency’s responsibility.
An FBI spokeswoman said, "I suggest you check with the Federal Trade Commission or HHS on this. My understanding is FTC has the lead on accepting ACA-related complaints,” referring to the 2010 Affordable Care Act that authorized government-run healthcare exchanges.
FTC spokesman Frank Dorman said, "Our agency has no way to know how much money may be lost to any kind of scam.” The commission's complaint inbox, called the Consumer Sentinel Network, documents anecdotal reports, he explained. "Very few ACA-related complaints have been received in the past few years," Dorman said.
HHS officials with the department's office of inspector general said they are awaiting dollar amounts from the FTC and law enforcement agencies.
To be fair, it's too early – and nearly impossible -- to total up all the financial figures. The authentic HealthCare.gov homepage has been up for less than one billing cycle. Credit card charges and other account ripoffs likely won't show up until next month or later. Crooks who realize payments for premiums aren't due until Dec. 15 might not bother trying to fool applicants now. And much of this money might be pocketed indirectly through personal information sold on the black market.
While unable to provide any fraud data, the Centers for Medicare and Medicaid Services did provide instructional materials on how to avoid being conned.
An estimate of how much money has been stolen would be a good public service announcement too.
In the meantime, you can join us at Nextgov Prime in Washington on Nov. 20-21, where I'll be discussing some of the trends we're seeing in data breaches and the implications for federal networks. Registration is free for federal employees.