Warning about email spoofing and phishing attacksJul. 24, 2018, 8:45 AM
Vanderbilt University Medical Center’s Enterprise Cybersecurity Unit is issuing a new warning about email spoofing and phishing attacks.
The Cybersecurity Unit is detecting phishing emails being sent using “spoofed” (stolen or falsified) names of Medical Center employees as bait to try to attract fellow employees to unknowingly engage in fraudulent financial activity.
A recent example uses an employee’s name in an email to a colleague to encourage the recipient to quickly purchase and send along check cards.
Review best practices to protect yourself from phishing attacks by learning how to distinguish a phishing email from a legitimate email. Often, simply looking at the sender’s email address can help you quickly determine if an email is fraudulent.
A phish is made to look like a legitimate email, be it from a friend, a business or even an organization. The email usually comes from a phony email address that may only be one or two characters different from the real account, or it can come from a real account that has already been compromised.
The volume of phishing emails has grown by 33 percent since 2016 in the five most targeted industries, with health care being among the top five.
If there is any question about the legitimacy of an email, contact the VUMC Help Desk to report concerns.
- Never give your ePassword to anyone.
- Never click on links or open attachments in emails unless you verify that the sender is who he or she claims to be and acknowledges sending the email.
- For additional information about phishing and how to protect yourself, please review these helpful facts and tips https://www.vumc.org/enterprisecybersecurity/cybersecurity-updates/five-ways-spot-phishing-attempt.