One of the major threats in keeping the confidentiality of healthcare data is phishing. If you have noticed, a number of news updates in the past weeks involved healthcare organizations announcing cases of unauthorized access of protected health information (PHI). Hackers got access to email accounts having PHI of countless patients because unsuspecting healthcare employees responded to phishing emails. According to Proofpoint’s Quarterly Threat Report, the volume of malicious email soared in the third quarter of 2017. Compared to quarter 3, malicious email volume increased by 85%.
In the past, users need to click email attachments before malware and malicious codes are downloaded to the computer. In the last quarter, the number of phishing attacks using malicious URLs increased by 600%. Clicking links in the email directs users to a webpage that automatically downloads malware or harvests login credentials.
Based on Proofpoint’s analysis of email threats, 64% delivered ransomware. The biggest ransomware threat at the beginning of the year was Cerber ransomware. In Q3, it is Locky ransomware, which accounted for 55% of all malicious payloads. The next biggest email threat, accounting for 24% of malicious payloads, is banking Trojans. First, it was Dridex Trojan, now it is The Trick. Exploit kits used to be really popular in 2016 for delivering ransomware and malware. However, its use dwindled until 2017. Now, the Rig exploit kit is on the rise again.
Proofpoints notes that aside from email attacks, social media attacks are now a threat as well. For example, “angler attacks” in twitter entices users to register to a bogus support account. Then, the user is sent a tweet with malicious URLs. Organizations need to be extra careful to avoid all these email threats. Remember:
- Use a robust spam filtering software to block bogus emails
- Install web filters to block malicious URLs
- Use email authentication to avoid domain spoofing.