Posted: September 07, 2022
Phishing and hacking attempts are on the rise. A recent report from Abnormal Security found a 48% increase in email attacks over the previous six months, and 68.5% of those attacks included a credential phishing link.
Cybercriminals are posing as internal employees and executives and impersonating well-known brands. They are relying on the familiarity and reputation of brands to convince employees to provide their login credentials. Scammers are also disguising themselves behind emails and text messages to try and secure your personal information. All it takes is one employee clicking on a phishing link or providing private information and passwords to result in an entire organization becoming under attack.
For those of us in the healthcare industry, we must make it a priority to not only educate staff about cyber safety but also work with partners who are going above and beyond to provide secure experiences that ultimately protect PHI and administer the highest level of care.
When it comes to virtual care, organizations can no longer rely on simple video conferencing tools to patch a specialist into a medical session. Today, it’s more important than ever to partner with a virtual care system that is HIPAA-compliant and follows the proper security protocols.
Here are some ways organizations and individuals can safeguard themselves from an attack.
Educate employees to look for the signs
Employees are the front lines and the company’s strongest defense against cybercrime. Educate employees to be able to recognize a phishing email or text message, which can appear to be from a brand they trust, such as a bank, a mobile app, or an online store. Scammers will often create a sense of urgency or anxiety, pushing them to take action to click a link or open an attachment. Here are some examples:
They alert you to suspicious behavior or activity on your account
Claim a problem with payments
Ask you to confirm your personal information or multifactor identification
Invite you to click to make a payment
Offer up a coupon or something for free
Protect yourself from an attack
Don’t assume a spam filter will protect email accounts from phishing attacks. Make sure the security software on employees’ mobile phones and computers (and any technology connecting to the internal network) is updated so they can handle any new threats. Leverage multi-factor authentication, which means employees will need two or more credentials to log in to their account and back up data to an external drive or cloud storage.
What to do if you suspect a Phishing attack
If you receive an email or text message that asks you to click on a link or open an attachment, take a closer look. Do you have an account with the company that sent the message? If not, it could be phishing. Look for additional signs such as a “from” email address that is not related to the company, or spelling and grammatical errors in the text. Report the message and delete it.
If you do have a connection with the company and you are wondering if the message is safe contact the company’s main phone number or website and note the information you received. Do not click on anything until you hear confirmation from the company.
The FTC has helpful resources to help keep you educated on the latest phishing scams and safety tips. Visit their website to learn more.