Home Health & Hospice Week

You might be familiar with phishing, but do you know these similar cybersecurity attacks that pose a similar threat?

1. Vishing, or voice phishing, involves phone calls from threat actors pretending to be authorities from government agencies, software companies, or credit card services. Typically, the phone number will appear to have a local area code, so you’ll think the call is coming from a nearby entity that you might know or have a connection to.
2. With spear phishing, attackers will send a carefully crafted email message that looks like it’s from a trusted source to a group of specific individuals in an organization. Unlike traditional phishing attempts, spear phishing attempts can also include instant messages, social media, and other platforms to trick individuals into offering up compromising information.
3. Whaling is similar to spear phishing, but the target is a person at the top of your organization, like a C-suite executive.

Each of these methods are very dangerous for organizations, especially in healthcare where patient information, diagnoses, and treatment plans are at risk. Every employee and staff member in your organization should stay wary of unsolicited and unexpected emails, particularly those messages that stress urgency.

To avoid falling victim to vishing, spear phishing, and whaling attempts, try these tips: familiarizing yourself with usual tactics used in these emails, like fraud, threats, and requests for help; avoiding clicking on links or downloading attachments in emails from unknown senders; and reporting malicious emails as spam and alerting your organization’s IT team of social engineering threats.