The North Carolina Department of Health and Human Services has identified a malicious phishing attempt where the state government email address of Stacey Crute, ending in “.gov”, has been spoofed to a non-state email address ending in “.com.” Do not respond or take requested action if you receive this email.

Phishing is a technique for attempting to acquire sensitive data, such as bank account numbers, through a fraudulent solicitation in email or on a website, in which the perpetrator masquerades as a legitimate business or reputable person.

The user of this spoofed account has sent fraudulent email messages to nursing facility providers who are required to pay a monthly assessment (a/k/a provider bed tax). The email attempts to falsely convince providers they must change their method of payment from a paper check remittance to the North Carolina Department of Health and Human Services Accounts Receivable to an electronic remittance for an unknown bank account. Providers should NOT follow the instructions of this phishing email.

The proper method of remittance of the monthly provider assessment continues to be a paper check remittance payable to the Division of Health Benefits with “Provider Fee Assessment” in the Memo Field and mailed to either of the below:

Mailing Address:
DHHS Accounts Receivable
2022 Mail Service Center
Raleigh, NC 27699-2022

Overnight Address:
DHHS Accounts Receivable
1050 Umstead Drive
Dorothea Dix Campus
Raleigh, NC 27603

If providers have been targeted by this phishing attempt, we recommend they contact their own Privacy / Security Officer and follow their agency’s protocols for such an attempt.

If providers have sent provider bed tax funds to this external phishing attempt, we recommend they follow the above and alert the Department contact below:

Alicia Hunter – Office of the Controller [email protected]
Lashan Johnson – Office of the Controller [email protected]