HHS alerts health sector to monkeypox-themed phishing campaign

Sep 20, 2022 - 03:14 PM
aha-medicaid-data-900x400

The Department of Health and Human Services’ Health Sector Cybersecurity Coordination Center (HC3) yesterday alerted the sector to a monkeypox-themed phishing campaign targeting health care providers. The alert recommends organizations implement certain protective actions.

“This alert reminds us that our cyber adversaries, foreign-based criminal gangs and hostile nation-state intelligence services, continue to prey on our culture of care by sending phishing emails based upon current urgent health care issues,” said John Riggi, AHA’s national advisor for cybersecurity and risk. “These insidious emails targeting well-intentioned health care workers lure the recipients to click on malicious links, download malware and provide credentials, ultimately leading to the theft of patient data or hospital funds. Last week, the FBI issued an alert identifying a scheme in which stolen employee credentials were being used to divert and steal millions of dollars in hospital funds. In this multi-faceted and complex cyber threat environment, multi-factor authentication, phishing tests and verbal authentication for payment instruction changes are essential.”

For more information on this or other cyber and risk issues, contact Riggi at jriggi@aha.org.

Related News Articles

Headline
CDC: Vaccine found safe, effective against mpox during outbreak
In a study of men under age 50 who were eligible to receive the JYNNEOS vaccine to prevent monkeypox (mpox) during the U.S. outbreak this year, unvaccinated…
Headline
AHA comments on Senate report on health care cybersecurity policy options  
AHA yesterday sent a letter to Sen. Mark Warner, co-chair of the Senate Cybersecurity Caucus, responding to his recent report on policy options to…
Headline
HHS warns of ‘Lorenz’ ransomware threat against larger organizations 
The Department of Health and Human Services’ Health Sector Cybersecurity Coordination Center Nov. 21 warned of a human-operated ransomware threat targeting…
Headline
WHO recommends new name for monkeypox 
The World Health Organization today recommended a new name for monkeypox that is intended to mitigate a rise in related racist and stigmatizing language…
Headline
Agencies urge health sector to protect against ransomware threat 
The FBI, Cybersecurity & Infrastructure Security Agency, and Department of Health and Human Services yesterday recommended actions to reduce the risk of…
Headline
Agencies alert organizations to Iranian-sponsored cyber threat
The Cybersecurity & Infrastructure Security Agency and FBI today advised organizations to protect VMware Horizon servers from a Log4Shell…