We have seen a recent surge in fraudulent emails and phone calls targeting Florida health care practitioners by impersonating the Department of Health or Division of Medical Quality Assurance (MQA). These scams leverage information about the licensure and enforcement processes to attempt to steal your personal or financial information.
What You Need to Know:
Common Tactic :
- Emails or texts with links to file shares or login pages designed to steal your credentials.
- Fake emails from “MQA Online Services,” or asking you to verify or update personal information.
- Spoofed websites or messages that closely mimic official MQA/Department communications.
- Phone calls from imposters claiming to be investigators with fake badge numbers or case IDs.
- Threats of immediate license suspension to create panic and urgency.
- Look-alike email addresses, like flheallth.gov or fl-health.org.
- Malware attachments disguised as forms or case documents.
- Payment demands via gift cards, Venmo, wire transfers, or crypto.
Protect Yourself By :
- Ask yourself: Why would I need my password to access someone else’s file share? Do not enter credentials on unknown pages.
- Watch for inconsistent capitalization, vague language, poor grammar, or missing contact information – all red flags.
- Always verify the sender’s email domain. Official emails will come from @flhealth.gov.
- Never provide personal or banking information over the phone. Hang up and contact MQA directly to confirm.
- MQA does not send suspension notices via phone or email. Be cautious of urgent demands to “act immediately.”
- Double-check domains, letter by letter. When in doubt, call MQA directly using verified contact information.
- Do not open attachments from unknown sources. Official MQA emails include clear context, contact information, and official email signatures.
- MQA will never ask for payment via untraceable methods. Only pay through secure, verified channels.
What to Do If You Suspect a Scam:
If you have accidentally entered your credentials into any prompt or website that seems suspicious, or if you have been contacted by a suspicious caller or email, change your password immediately, gather the following information about the incident, and report it by calling the MQA Customer Contact Call Center at 850-488-0595 or emailing MedicalQualityAssurance@flhealth.gov.
- A description of the scam and how you were contacted.
- Screenshots of the phone call (with the timestamp and number).
- Photos of any documents or emails received (including the sender’s email or fax number).
- A copy of the envelope or bank charges, if applicable.
Coming Soon: Multi-Factor Authentication
To better protect your MQA Online Services account, MQA is launching multi-factor authentication (MFA) later this year. MFA adds an extra layer of security – requiring you to confirm your identity using something you know (like a password) and something you have (like a mobile device or fingerprint). Stay tuned for more updates on this important security upgrade.
Thank you for helping us protect the integrity of Florida’s health care workforce.
Sincerely,
Division of Medical Quality Assurance
Florida Department of Health