Health Information Management

Phishing for PHI

Briefings on HIPAA, September 1, 2016

This is an excerpt from a member only article. To read the article in its entirety, please login or subscribe to Briefings on HIPAA.

Cyber threats continue to grow and evolve, but most share a similar origin: phishing. Phishing emails, seemingly innocuous or legitimate emails used to infiltrate an organization, are a common source of malware and are used for scams in which a criminal impersonates another individual to obtain sensitive information. A study released in March by PhishMe estimated that up to 93% of phishing emails contain ransomware.

Although the damage phishing emails can do is tremendous, security officers can help their organizations turn the tide by using a combination of technical controls and targeted education.

The danger and the success of phishing emails lies in their ability to manipulate the individual on the receiving end. Phishing emails may be sent from domains that are a near-identical match for an organization's and come with what appear to be legitimate and urgent attachments or links. It's a simple scheme that criminals can use for a variety of purposes.

"They hope to get malware installed so they can control the computers they infect or even the entire network. They hope to get network or application login credentials. They hope to trick people into performing certain actions, i.e., a wire transfer of money," Kevin Beaver, CISSP, independent information security consultant at Principle Logic, LLC, in Atlanta, says. "The possibilities are endless."

This is an excerpt from a member only article. To read the article in its entirety, please login or subscribe to Briefings on HIPAA.

    Briefings on APCs
  • Briefings on APCs

    Worried about the complexities of the new rules under OPPS and APCs? Briefings on APCs helps you understand the new rules...

  • HIM Briefings

    Guiding Health Information Management professionals through the continuously changing field of medical records and toward a...

  • Briefings on Coding Compliance Strategies

    Submitting improper Medicare documentation can lead to denial of fees, payback, fines, and increased diligence from payers...

  • Briefings on HIPAA

    How can you minimize the impact of HIPAA? Subscribe to Briefings on HIPAA, your health information management resource for...

  • APCs Insider

    This HTML-based e-mail newsletter provides weekly tips and advice on the new ambulatory payment classifications regulations...

Most Popular