Phishing via XPS Files

Email Phishing via XPS Files

Over the past month, some phishing attempts using xps files instead of the typical pdf or doc/docx formats have been captured by our filters. The xps file format is Microsoft’s alternative to pdf files. Windows machines with Vista or later operating systems natively support this extension with Windows xps file viewer. Actors have started taking advantage of this lesser-utilized format for their phishing campaigns.

Phishing Examples
AppRiver’s SecureTide email filtering has captured a wide range of these phishing messages. So far, they appear to be attributed to threat actors currently conducting Business Email Compromise (BEC) attacks. Attacks originate from legitimate (compromised) senders with the similar techniques, tactics, and procedures.

Viewing the XPS File
Users should not open or view unsolicited attachments, even from a known sender without intense scrutiny and/or verification. Scammers do exploit the trust that known contacts share. Hopefully a user will never see one of these, however, this is what these attached files look like when opened in an isolated test environment.

This information was brought to you by AppRiver. For more information and examples of phishing, follow this link: //

Use Spybot Anti-Beacon to Stop Tracking

Spybot Anti-Beacon is a standalone tool which was designed to block and stop the various tracking (telemetry) issues present in Windows 10. It has since been modified to block similar tracking functionality in Windows 7, Windows 8 and Windows 8.1 operating systems.

Anti-Beacon is small, simple to use, and is provided free of charge. It was created to address the privacy concerns of users of Windows 10 who do not wish to have information about their PC usage sent to Microsoft. Simply clicking “Immunize” on the main screen of Anti-Beacon will immediately disable any known tracking features included by Microsoft in the operating system.



SNF: Proposed FY 2019 Payment and Policy Changes

Skilled Nursing Facility: Proposed FY 2019 Payment and Policy Changes

CMS issued a proposed rule outlining proposed FY 2019 Medicare payment updates and proposed quality program changes for Skilled Nursing Facilities (SNFs).

Proposed Rule Details:

• Advancing My HealthEData: Request for Information from stakeholders
• Modernizing the SNF Prospective Payment System (PPS) Case-mix Classification System
• SNF Quality Reporting Program (QRP)
• SNF Value-Based Purchasing Program (VBP)
• Payment rate changes under SNF PPS

Use the following resources for more information:

Proposed Rule: CMS will accept comments until June 26
Press Release
SNF PPS website
SNF QRP website
IMPACT Act of 2014 Data Standardization & Cross Setting Measures webpage
SNF VBP Program website

Rehab CCI Edits version 24.2 was Released

New listing of Rehab CCI Edits (version 24.2 effective 07/01/2018 thru 09/30/2018) was released.

1. Download the archive: //

2. The password for the archive is: v242

3. The archive contains RehabCCIList.txt file. Copy the file to ADLx directory where Rehab Touch applications (RehabEditTool.dll, and RehabTouch.exe) are located.

The list is used by Rehab Touch to prompt for -59 and -X{EPSU} modifiers.

Other ADL Clients’ News

[catlist name=adl_clients_news orderby=date order=desc]

Medicare Beneficiary Identifier (MBI) Look-up Tool

Medicare Beneficiary Identifier (MBI) Look-up Tool

The Medicare Beneficiary Identifier (MBI) Look-up tool allows providers to use our secure eServices online portal to obtain the new MBI number when patients do not present their Medicare card. The MBI Look-up tool will only return an MBI if the new Medicare card has been mailed to avoid potential confusion if the MBI is used before the beneficiary receives their new Medicare card. Please review this article and share it with your staff.

Applies to:
JJ Part A//General
JJ Part B//General
JM Home Health and Hospice//General
JM Part A//General
JM Part B//General
Railroad Medicare (RRB)//General – Railroad Medicare

For more information, follow this link to the providers website.