Feds warn of monkeypox-themed malicious email campaign targeting health care providers
Don’t click on links or attachments unless you’re sure they are legitimate.
Physicians and their staff should beware a monkeypox-themed email campaign that is targeting health care providers.
A sector alert was published Sept. 19 by the Health Sector Cybersecurity Coordination Center (HC3), within the U.S. Department of Health and Human Services. The campaign uses official-sounding language to convince recipients to click on a bogus download that is really a program that attempts to steal email credentials.
The sector alert stated: “The campaign has a subject of: “Data from (Victim Organization Abbreviation): "Important read about - Monkey Pox – (Victim Organization) (Reference Number) and utilizes an “Important read about Monkey Pox” theme.
“Inside of the email is a PDF with a malicious link which lures the recipient to a Lark Docs site. “The site is Adobe Doc cloud themed and offers a secure fax Monkey Pox PDF download.
"Clicking the download attempts to harvest Outlook, O365, or other mail credentials.”
HC3 recommends the following actions to help protect organization cybersecurity:
- Protect each account with complex, unique passwords. Use a passphrase and/or a complex combination of letters, numbers, and symbols.
- In general, avoid opening unsolicited emails from senders you do not know.
- Do not open a link or an attachment in an email unless you’re confident it comes from a legitimate source.
- Do not download or install programs if you do not have complete trust in the publisher.
- Do not visit unsafe websites and do not click on pop-up windows that promise free programs that perform useful tasks.
This aricle originally appeared on Medcical Economics®.
Newsletter
Get the latest clinical updates, case studies, and expert commentary in obstetric and gynecologic care. Sign up now to stay informed.
