The Department of Health and Human Services’ Health Sector Cybersecurity Coordination Center (HC3) yesterday alerted the sector to a monkeypox-themed phishing campaign targeting health care providers. The alert recommends organizations implement certain protective actions.

“This alert reminds us that our cyber adversaries, foreign-based criminal gangs and hostile nation-state intelligence services, continue to prey on our culture of care by sending phishing emails based upon current urgent health care issues,” said John Riggi, AHA’s national advisor for cybersecurity and risk. “These insidious emails targeting well-intentioned health care workers lure the recipients to click on malicious links, download malware and provide credentials, ultimately leading to the theft of patient data or hospital funds. Last week, the FBI issued an alert identifying a scheme in which stolen employee credentials were being used to divert and steal millions of dollars in hospital funds. In this multi-faceted and complex cyber threat environment, multi-factor authentication, phishing tests and verbal authentication for payment instruction changes are essential.”

For more information on this or other cyber and risk issues, contact Riggi at jriggi@aha.org.

Related News Articles

Headline
In a study of men under age 50 who were eligible to receive the JYNNEOS vaccine to prevent monkeypox (mpox) during the U.S. outbreak this year, unvaccinated…
Headline
AHA yesterday sent a letter to Sen. Mark Warner, co-chair of the Senate Cybersecurity Caucus, responding to his recent report on policy options to…
Headline
The Department of Health and Human Services’ Health Sector Cybersecurity Coordination Center Nov. 21 warned of a human-operated ransomware threat targeting…
Headline
The World Health Organization today recommended a new name for monkeypox that is intended to mitigate a rise in related racist and stigmatizing language…
Headline
The FBI, Cybersecurity & Infrastructure Security Agency, and Department of Health and Human Services yesterday recommended actions to reduce the risk of…
Headline
The Cybersecurity & Infrastructure Security Agency and FBI today advised organizations to protect VMware Horizon servers from a Log4Shell…