sb-eu logo
Story image

Massive jump in email fraud targeting healthcare - Proofpoint

12 Feb 2019

Cybersecurity and compliance company Proofpoint has released its Email Fraud in Healthcare 2019 Report, which found that healthcare organisations were targeted in 96 email fraud attacks on average in Q4 2018 – a 473% jump from Q1 2017.

More than half of these organisations (53%) were attacked more often, with incidents up between 200 and 600% during the two-year period.

The report analyses more than 160 billion emails sent across 150 countries in both 2017 and 2018 to identify email fraud attack trends targeting more than 450 global healthcare organisations.

Email fraud, also known as Business Email Compromise (BEC), is one of today’s biggest cyber threats.

According to the FBI, BEC has cost organisations across the world $12.5 billion USD (over $17.5 billion AUD) since the end of 2013.

As part of these attacks, cybercriminals often use identity deception tactics, such as domain spoofing, to pose as trusted colleagues and business partners.

In Q4 2018, 95% of healthcare organisations were targeted by an attack using their own trusted domain.

Proofpoint Asia-Pacific and Japan vice president Tim Bentley says, “Healthcare organisations are high-value targets for cybercriminals due to the large amounts of personal information that they store.

“Unfortunately, these organisations are also extremely vulnerable to email-based attacks as their often-complex supply chains offer multiple opportunities for cybercriminals to insert themselves into various business transactions and trick employees into sharing information or wiring funds.”

“It is critical that organisations implement a multi-layered security approach to secure the email gateway and educate employees on cybersecurity best practices,” Bentley adds.

“Employees should always confirm the source of all emails that are sent to their personal and corporate email inboxes and be wary of emails that urgently request a password change, patient data, or a link be clicked.”

Key Proofpoint Healthcare research findings

  • Wire-transfer fraud is the most common form of email fraud for healthcare.

  • Sixty-five staff members on average were attacked in Q4 2018 within targeted healthcare organisations.

  • Forty-five percent of emails sent from healthcare-owned domains in Q4 2018 appeared suspicious. Of those 65%  were sent to employees, 42% were sent to patients, and 15% were sent to business partners.

  • The highest volume of email fraud attacks targeting healthcare arrived on weekdays between 7 am and 1 pm in the targets’ time zone.

Story image
Global DDoS attacks: What they are, how they work, and how to defend against them
Do not pay the ransom, and do make sure you've got strong DDoS protection, security firms warn.More
Story image
Report: 151% increase in DDoS attacks compared to 2019
It comes as the security risk profile for organisations around the world increased in large part thanks to the COVID-19 pandemic, forcing greater reliance on cloud technology and thrusting digital laggards into quick and unsecured migrations.More
Story image
Research: 61% of companies have suffered an insider attack in last 12 months
It comes as rapid migration to cloud and remote working and BYOD scenarios leave organisations increasingly vulnerable to insider attacks as a result of the upheaval caused by the COVID-19 pandemic.More
Story image
OT networks warned of vulnerabilities in CodeMeter software
Manufacturers using the Wibu-Systems CodeMeter third-party licence management solution are being urged to remain vigilant and to urgently update the solution to CodeMeter version 7.10.More
Story image
CrowdStrike integrates with ServiceNow program to bolster incident response
As part of the move, users can now integrate device data from the CrowdStrike Falcon platform into their incident response process, allowing for the improvement of both the security and IT operation outcomes.More
Story image
Malware and email scams targeting employees spread rapidly in Q2
"Businesses must stay alert and should employ defense-in-depth tactics and equip themselves with multilayered security mechanisms, including high-sensor spam filters and a VPN connection, which would prevent malicious pages from opening."More