Jean Patrice Delia was an engineer at GE when he decided to steal company data and use trade secrets, pricing information, marketing data, and other documents and funnel them to his business partner to compete against GE. After an FBI investigation, Delia was arrested and sentenced to two years in prison and ordered to pay $1.4 million in restitution. His business partner, Miguel Sernas, spent nearly a year in jail and was also ordered to pay $1.4 million.
Online scams are nothing new -- but as email has evolved and improved, so have scammers and the messages they send. Nefarious emails, attachments and links now appear sophisticated and look legitimate, sometimes tricking even the most meticulous user.
A brief glance through my spam folder in MDaemon Webmail recently reminded me of the need for on-going education on the topic of phishing and Business Email Compromise (BEC) scams. I’d like to be able to tell you that the recent crush of cyberattacks on the healthcare sector, as exacerbated by the COVID-19 pandemic, has run its course – but then I’d be the one scamming. Looking through the latest Health IT Security monthly news archive turns up a long litany of phishing, ransomware, malware, spoofing, password theft and other data leaks, and server vulnerabilities that affect millions of patients and financial donors – and it’s not even the end of the month.
It’s OK, we understand. You thought you and your employees would all be safely back in the office by now. However, we’re all still adjusting to this new normal of exponentially more remote working – and exponentially more cyberattacks. Every day, hackers seek to exploit not only fear and insecurity caused by the pandemic, but the security loopholes created as more employees access their email and other work systems from remote devices. According to one report, streaming phishing sites saw an 85-percent increase from January to March, with more than 209 malicious websites being created every day. A record 25,000 confirmed phishing pages were created on March 19 alone!
It's just a fact of life: If there's email, there will always be spam. If you’re involved with email security for a healthcare organization, 2020 is absolutely the year you can’t afford not to take this seriously. The healthcare sector has become a major target for cyberattacks during the COVID-19 pandemic, and these attacks are successful so often that Becker’s Hospital Review publishes a monthly update on healthcare provider malware, ransomware and phishing incidents. The most recent list includes:
Whether you run a multi-campus medical center or a small private practice, you’ve likely heard about cyber criminals who try to trick you and your employees into clicking a link or downloading an attachment so they can steal your organization’s money or protected data.
The COVID-19 pandemic has accelerated the adoption of cloud services across all industries, but particularly for healthcare providers. If your healthcare organization is considering moving your email from on-premise servers to the cloud, you must do your due diligence around significant security drawbacks that may overshadow the perceived benefits.
The COVID-19 pandemic has been a boon for bad actors across the digital landscape. In July, for instance, authorities in the U.S., U.K. and Canada all issued warnings about serious cyberattacks against healthcare organizations and others involved in the coronavirus response. The purpose of these attacks? Theft of intellectual property during the race to develop a vaccine. The tool of choice? Spear-phishing email attacks.
Online scams are nothing new -- but as email has evolved and improved, so have scammers and the messages they send. Nefarious emails, attachments and links now appear sophisticated and look legitimate, sometimes tricking even the most meticulous user.
This week, we learned of a new round of malware being distributed via phishing emails claiming to be from the U.S. Department of the Treasury.
