Protecting healthcare against spear phishing

Featured image

Share this article

spear phishing attack on laptop computer

Spear phishing incidences have multiplied rapidly in the past few years, especially against the healthcare industry.

Such targeted cyberattacks, used to steal information or install ransomware, must be combatted with a well-placed security system and employee attentiveness.

What is spear phishing?

Unlike phishing attacks sent in bulk and often at random, spear phishing is targeted and personalized, focused on a specific person or a specific group of people.

Hackers use thorough research and social engineering techniques to gain the confidence of and deceive their target(s).

Spear phishing is sophisticated and intelligent, which is why targeted employees and businesses must be shrewder and more calculating.

Why target healthcare?

The healthcare industry is particularly susceptible to spear phishing attacks because of the value of health information and the urgency in which it needs to be relayed.

Unfortunately, the hierarchical nature of most healthcare organizations and the proliferation of technology within the industry make it exceedingly vulnerable to spear phishing.

Furthermore, untrained employees on the forefront of the battle embolden hacking.

The 2015 case of Anthem Inc., where an employee fell for a spear phishing email, highlights the growing crises. The employee’s email contained 78.8 million records and cost the company and its patients time and money.

A 2018 UnityPoint Health financially motivated whaling attack, where a hacker posed as an executive, compromised an additional 1.4 million records.

These statistics are astounding when you consider the extent affected in a single instance and the amount that remain unknown or unreported.

How do we prevent spear phishing?

Spear phishing can be blocked with a strong defense system like those offered in Paubox Email Suite Plus, which impedes such techniques as spoofing while providing up-to-date protection with advanced threat detection features like ExecProtect.

Employee awareness training is also imperative as a spear phishing email in the wrong hands does much damage. Employees need to know how to:

  • Scrutinize every email address, name, and signature, even if the sender is known
  • Implement an authentication process
  • Avoid links within an email and be weary of all attachments
  • Use smart passwords
  • Be cautious over personal and employment information online

Repetitive and up-to-date training, along with solid email security, provide a necessary protective layer to the healthcare industry against the onslaught of spear phishing.

Try Paubox Email Suite for FREE today.
Author Photo

About the author

Rick Kuwahara

Rick Kuwahara is COO and Chief Compliancy Officer for Paubox.

Read more by Rick Kuwahara

Get started with
end-to-end protection

Bolster your organization’s security with healthcare’s most trusted HIPAA compliant email solution

The #1-rated email encryption 
and security software on G2

G2 Badge: Email Encryption Leader Fall 2022
G2 Badge: Security Best Usability Fall 2022
G2 Badge: Encryption Momentum Leader Fall 2022
G2 Badge: Security Best Relationship Fall 2022
G2 Badge: Security Users Most Likely to Recommend Fall 2022
G2 Badge: Email Gateway Best Relationship Fall 2022
G2 Badge: Email Gateway Best Meets Requirements Fall 2022
G2 Badge - Users Most Likely to Recommend Summer 2022
G2 Badge: Email Gateway Best Results Fall 2022
G2 Badge: Email Gateway Best Usability Fall 2022
G2 Badge: Email Gateway Best Support Fall 2022
G2 Badge: Email Gateway Easiest To Use Fall 2022
G2 Badge: Email Gateway Easiest Setup Fall 2022
G2 Badge: Email Gateway Easiest Admin Fall 2022
G2 Badge: Email Gateway Easiest to do Business with Fall 2022
G2 Badge: Email Gateway Highest User Adoption 2022
G2 Badge: Email Gateway High Performer Fall 2022
G2 Badge: Email Gateway Momentum Leader Fall 2022
G2 Badge: Email Gateway Most Implementable Fall 2022
G2 Badge: Email Gateway Users Most Likely to Recommend Fall 2022