HST Pathways
  • Who We Help
    • Surgery Centers
    • Management Groups
    • Anesthesia Providers
    • Physician Practices
    • Hospitals / HOPDs
    • New Surgery Centers
  • Products

    • Surgery Center Management

    • Electronic Charting

    • Scheduling and Care Communication

    • Patient Estimating & Authorization

    • Patient Texting & Pre-Assessment

    • Data, Analytics, & Reporting

    • Case Profit Estimations

    • Collect & Process Patient Payments

    • End-to-End Solutions
  • Resources
    • Blog
    • Podcast
    • Customer Stories
    • HST eChart ROI Calculator
    • Continuing Education
    • Your Guide to ASC Software
    • Your Guide to ASC EMR Systems
  • About
    • Why HST?
    • Team
    • Careers
    • Partners & Integrations
  • Support
    • Client Support
    • Patient Support
  • Login
    • Patient Login
    • Client Login
  • Schedule a Demo
Select Page

The Most Common Indicators of a Phishing/Smishing/Vishing Attack

by Richard Lang | Sep 21, 2022 | Compliance, Cybersecurity, Patient Safety

The Most Common Indicators of a Phishing-SmishingVishing Attack
3 minute read
Richard Lang
Richard Lang

 

As discussed in previous posts, the most common entry point into networks is Phishing/Smishing/Vishing. The malicious actor is trying to access your network and data through your employees. However, knowing this tactic and knowing what to do about it are two entirely different things. We will use real examples to illustrate the critical information employees need to remain educated so their ASC can avoid becoming the next victim.

Phishing/Smishing/Vishing attacks use what is called Social Engineering. Social Engineering is used to persuade the end user to act on behalf of the malicious actor and, unfortunately, is a widespread approach because it is so successful. Even trained professionals have fallen prey to well-honed social engineering attacks when distracted or rushed. Whether via email (phish), SMS text message (smish), or voicemail (vish) containing a threat of bad things or a request from “management,” the net results can be potentially devastating to the organization and its patients.

As a recipient of a message, there are some essential questions you should ask yourself before opening an email, clicking on a link inside an email or SMS message, or opening an attachment embedded in an email.

  • Was the message expected?
  • Am I asked to do something the sender has never asked the recipient to do before?
  • Does the message indicate a sense of urgency?
  • Is there a claim that my organization or I will be penalized if we do not act immediately?

Here are some examples and red flags to look out for from actual phish emails, SMISH SMS messages, and VISH scams I have seen used.

What can my ASC do to help protect our patient’s data?

Repetitive employee training is the key to success, as malicious actors’ tactics constantly evolve. A one-time training event will not improve your ASC’s security posture. People forget, become complacent, or are too busy to pay attention.

Many security awareness vendors can provide easy-to-digest training to ASC employees. This training needs to be reinforced with regular automated Phish tests. The Phish tests are safe and pretend phishing emails that exhibit many red flags of an actual phishing email without the danger of malware distribution or credential theft. It’s better to learn the warning signs from failing a test than by suffering a breach of your patient’s confidential information.

A good reference for phishing email red flags can be found below. Since we are trained not to click on links, you can copy the address below into a web browser address bar.

www.knowbe4.com/hubfs/Social-Engineering-Red-Flags.pdf

Stay Vigilant.

Don’t miss out on the good stuff – Subscribe to HST’s Blog!

Every two weeks we’ll email you our newest blog posts. No fluff – just helpful content delivered right to your inbox.

Categories

  • Administrator's Corner
  • Anesthesia Providers
  • Behind the Scenes
  • Clinical Strategy
  • CMS
  • Compliance
  • Cures Act 2020
  • Cybersecurity
  • Data & Analytics
  • De Novos
  • Electronic Charting
  • EMR/EHR
  • ePrescriptions
  • Featured
  • Health & Wellness
  • HST Case Coordination
  • HST Data Services
  • HST Data Stream
  • HST eChart
  • HST Home
  • HST Patient Engagement
  • HST Pay
  • HST Practice Management
  • HST Profit Forecast
  • Just For Fun
  • Leadership
  • New Surgery Centers
  • News
  • No Surprises Act
  • Pain Injections
  • Patient Engagement
  • Patient Estimations
  • Patient Safety
  • Pre-Assessments
  • Price Transparency
  • Profitability
  • Revenue Cycle Management
  • Supply Chain Management
  • Surgical Scheduling
  • This Week in Surgery Centers
  • Webinars

Recent Posts

  • This Week in Surgery Centers: Andy Berg – Opening an ASC: Finding Your Dream Team
  • Automated Payment Posting: A Game Changer for ASC Billing Staff
  • This Week in Surgery Centers: Gregory DeConciliis – Opening an ASC: Clinical Preparation
  • This Week in Surgery Centers: Beata Canby – Opening an ASC: Managing the Regulatory and Certification Process
  • This Week in Surgery Centers: Dawn Pfeiffer – Ask the Expert: Best Practices for Opening a New Surgery Center

               

 

 

PRODUCTS

Bundled Products
HST Home
HST Practice Management
HST eChart
HST Case Coordination
HST Price Transparency
HST Patient Engagement
HST Profit Forecast
HST Data Services
HST Pay

RESOURCES

Blog
Podcast
Customer Stories
ROI Calculator
Partners & Integrations
Security Overview

ABOUT

Why HST?
Team
Careers

CONTACT

Contact Us

1801 West End Ave
Suite 300
Nashville, TN 37203

© Copyright HST, Healthcare Systems & Technologies, LLC 2023. All rights reserved.   |   Privacy Policy   |   Terms and Conditions