Medicare Compliance & Reimbursement

Tip: Know the difference between a trojan horse and honeypot.

Whether your employees are digitally savvy or technically inept, they should still be able to identify basic tactics used by social engineers and hackers.

Reminder: Social engineering is “an unauthorized attempt by someone masquerading as a legitimate party to elicit information from a staff member that may be used in attempts to compromise the security of systems or accounts,” explains Jim Sheldon-Dean, founder and director of compliance services for Lewis Creek Systems, LLC in Charlotte, Vermont.

Reach into your cybersecurity tackle box and test your phishing and social engineering skills on these 10 questions.

1. What type of social engineering occurs when a third party interrupts online communication between two entities and a third party responds, altering the communication and posing as if they are one of the two original communicating parties?

A. baiting

B. man-in-the-middle

C. spoofing

D. vishing

2. What type of malware holds your data hostage by encrypting it and then demands payment to release it?

A. ransomware

B. spyware

C. hostageware

D. software

3. When cyber criminals target one person at your practice with an email scam, what kind of phishing is that?

A. smishing

B. baiting

C. spear phishing

D. carping

4. What popular technique are social engineers employing when they promise you a gift, prize, or service in return for login credentials, personal information, or practice data?

A. spoofing

B. phishing

C. quid pro quo

        D. baiting

5. What type of phishing technique targets your practice administrators’ emails, stealing the most sensitive practice information while corrupting the networks from the top down?

A. vishing

B. spear phishing

C. hacking

D. whaling

6. What kind of social engineering is utilized when an infiltrator sends you text messages pretending to be a business or another practice to steal either your personal or professional information?