Healthcare Information Security


How Rise in Phishing Attacks Affects Healthcare Data Security

A recent study reported that there was a 250 percent increase in phishing websites, which could negatively impact healthcare data security.

By Jacqueline Belliveau

- Many healthcare organizations and business associates are constantly working to prevent phishing attacks from compromising healthcare data security. Yet, cyberattacks were still the top cause of healthcare data breaches in 2015 and recent studies have indicated that patient information may be just as vulnerable to phishing attacks in 2016.

Covered entities should incorporate phishing scam prevention policies into healthcare data security strategies

A recent cross-industry study from the Anti-Phishing Working Group (APWG) found that the number of unique phishing websites has increased by 250 percent from October 2015 to March 2016. In total, researchers discovered 289,371 unique phishing websites in the first quarter of 2016.

Researchers also uncovered a rise in unique phishing reports in the first quarter of 2016. There were 130,000 more reports by March 2016 than the last quarter of 2015.

“Globally, attackers using phishing techniques have become more aggressive in 2016 with keyloggers that have sophisticated tracking components to target specific information and organizations such as retailers and financial institutions that top the list,” stated APWG Chairman Dave Jevans.

While researchers typically see a spike in phishing attacks during the holiday season, especially as individuals partake in more online shopping, the most recent study showed that cybercriminals were continuing to launch more attacks as spring approached.

READ MORE: More Hospitals Affected by Healthcare Ransomware Attacks

“We always see a surge in phishing during the holiday season, but the number of phishing sites kept going up from December into the spring of 2016,” said APWG Senior Research Fellow and Vice President of iThreat Cyber Group Greg Aaron in the press release. “The sustained increase into 2016 shows phishers launching more sites, and is cause for concern.”

The study attributed the drastic increase in phishing websites and reports to more sophisticated malware and malevolent codes.

There were 20 million new malware samples detected in the first quarter of 2016, which equates to an average of 227,000 new malware samples discovered each day, reported the study. The most common type of malware to be used in an attack were trojans, which included ransomware.

“The onslaught of ransomware has not abated in 2016,” stated Forcepoint Principal Security Analyst Carl Leonard. “Ransomware authors exhibited a willingness to adjust their scare tactics and software in Q1 2016 as they sought to scam more end-users. The takeaway is clear – ransomware authors are more determined and aggressive in 2016. End-users should be aware of the danger and take preventative measures.”

Another prevalent type of malevolent code in the first quarter of 2016 was crimeware, explained the study. Crimeware code gathers information on an end-user and attempts to access the user’s credentials.

READ MORE: Understanding Ransomware and Healthcare Data Security

“Unlike most generic keyloggers, phishing-based keyloggers have tracking components, which attempt to monitor specific actions (and specific organizations, such as financial institutions, retailers, and e-commerce merchants) in order to target specific information,” stated the authors of the report.

The healthcare industry is no stranger to phishing scams, especially with the rise of ransomware and malware threats. Just this year, there have already been numerous reports of healthcare phishing attacks that have exposed PHI.

For example, Wyoming Medical Center recently reported a possible healthcare data breach after several employees clicked on a malicious link as part of a phishing scam. The unauthorized entity was able to gain control of the organization’s email system for 15 minutes. Within that short timeframe, the outside party may have viewed the PHI of 3,184 patients.

Organizations that are responsible for PHI should be aware of healthcare phishing attacks that can easily bypass network protections, such as firewalls and antiviruses. Phishing scams exploit human error by targeting specific end-users with a seemingly legitimate email or link. These cyberattacks don’t have to be overly sophisticated to lure a provider into opening an email that appears to from an associate.

However, once the user has invited the scammers into the network, patient privacy and safety are at risk, especially with the prevalence of hospital ransomware this year. Several ransomware attacks have caused hospitals to pay for access to their own EHR or email systems while EHR and network downtime have jeopardized patient safety.

READ MORE: Best Practices for Preventing Phishing Attacks, Data Breaches

To prevent healthcare cyberattacks, organizations may need to invest in more employee training that focuses on how to spot phishing scams. Covered entities are also encouraged to implement two-factor authentication measures to stop cybercriminals from accessing networks.

As the APWG study shows, phishing scams are becoming more sophisticated and more prominent despite the belief that these cyberattacks would decrease by spring 2016. To respond to the growing threat, healthcare organizations should incorporate phishing prevention strategies into their healthcare data security policies.

Dig Deeper:

How to Protect Your Entity from Healthcare Phishing Attacks

Phishing Scams: HIPAA Technical or Administrative Safeguard?


SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
Data Breaches

Our privacy policy

no, thanks