3 Ways to Stay Safe from Phishing Emails

Kaufman Rossin | Kaufman Rossin featured in MD Magazine | June 28, 2019

At some point, you’ve probably come across an email that sounds a little bit like this, “Are You Available? I need you to personally run a task for me ASAP. I am caught up with an emergency. Just reply to my Emails. Let me know if you can get this done right now. Regards, (your employer)”. And it probably has an address that looks similar to the person you would expect this sort of email from, but something doesn’t quite feel right.

That’s because it isn’t right; the email you received is actually a phishing attack looking to steal your information. It’s easy to think you would immediately recognize this for a phishing attack, but the reality is that lots of people have fallen for these attacks.

According to Verizon’s 2018 Data Breach Investigations report, 4% of people will click on a phishing link, and according to PhishNet by Kaufman Rossin®, their original research shows that healthcare has a 12% click rate when it comes to phishing emails. Furthermore, in April of this year alone, 1,185,566 sensitive records were exposed from 56 reported data breaches many of which were the result of successful hacking.

These attacks may often seem insignificant, but one slip up can lead to your systems being compromised and your patient’s data breached. This can then result in not just lost revenue for your practice as you spend money to mitigate the effects of the attack, but also your patients trust leading to them leaving your practice.

Below are 3 ways to keep your patients’ information safe:

  1. Keep your software up to date – The security software on your work computers may end up being the last line of defense in case malicious malware or a virus is exposed through a phishing email that slipped through the case. It can also help to keep patient data safe before the unauthorized user can access it.
  2. Train everyone to spot a phishing email  – Alert your team members on what phishing emails look like and which ones to look out for the most. Never respond unless you know it’s a patient or authorized vendor.
  3. Keep your own information secure  – Don’t give personal information to your patients over email in most situations and make sure you communicate them through your secured work email.