Healthcare email fraud: Attack attempts jump 473% over two years

Proofpoint found that healthcare organisations were targeted in 96 email fraud attacks on average in Q4 2018 – a 473 percent jump from Q1 2017. More than half of these organisations (53 percent) were attacked more often, with incidents up between 200 and 600 percent during the two-year period.

Researchers analysed more than 160 billion emails sent across 150 countries in both 2017 and 2018 to identify email fraud attack trends targeting more than 450 global healthcare organisations.

Email fraud, also known as Business Email Compromise (BEC), is one of today’s biggest cyber threats. According to the FBI, BEC has cost organisations across the world $12.5 billion USD since the end of 2013. As part of these attacks, cybercriminals often use identity deception tactics, such as domain spoofing, to pose as trusted colleagues and business partners.

In Q4 2018, 95 percent of healthcare organisations were targeted by an attack using their own trusted domain.

“Healthcare organisations are high-value targets for cybercriminals due to the large amounts of personal information that they store. Unfortunately, these organisations are also extremely vulnerable to email-based attacks as their often-complex supply chains offer multiple opportunities for cybercriminals to insert themselves into various business transactions and trick employees into sharing information or wiring funds,” said Adenike Cosgrove, Cybersecurity Strategist, EMEA at Proofpoint.

“It is critical that organisations implement a multi-layered security approach to secure the email gateway and educate employees on cybersecurity best practices. Employees should always confirm the source of all emails that are sent to their personal and corporate email inboxes and be wary of emails that urgently request a password change, patient data, or a link be clicked,” Cosgrove concluded.

Additional research findings

• Wire-transfer fraud is the most common form of email fraud for healthcare.
• Sixty-five staff members on average were attacked in Q4 2018 within targeted healthcare organisations.
• Forty-five percent of emails sent from healthcare-owned domains in Q4 2018 appeared suspicious. Of those 65 percent were sent to employees, 42 percent were sent to patients, and 15 percent were sent to business partners.
• The highest volume of email fraud attacks targeting healthcare arrived on weekdays between 7 a.m. and 1 p.m. in the targets’ time zone.