Getty Images

HC3 Alerts Healthcare Sector of Monkeypox-Themed Phishing Scheme

Threat Actors are using a monkeypox-themed phishing scheme to lure healthcare providers into clicking on a malicious link.

The Health Sector Cybersecurity Coordination Center (HC3) warned the healthcare sector of a new monkeypox-themed phishing scheme targeting healthcare providers.

Threat actors are using the latest public health threat to convince users to click on a link.

The campaign has a subject line of “Data from (Victim Organization Abbreviation): "Important read about -Monkey Pox– (Victim Organization) (Reference Number)” and utilizes an “Important read about Monkey Pox” theme.

Within the email, there is a PDF that holds a malicious link directing the recipient to a Lark Docs site. The site is Adobe Doc cloud themed and offers a secure fax Monkey Pox PDF download.

By clicking on the download, the victim’s Outlook, O365, or Other Mail credentials are attempted to be harvested.

Email credential harvesting can lead to business email compromise (BEC) of HPH-related and possibly non-HPH entities, which may have occurred in this situation.

BEC attacks are the costliest cybercrime under the current threat landscape. In 2020 alone, 19,369 BEC complaints were received by the Federal Bureau of Investigation (FBI), which led to about $1.8 billion in damages.

While BEC attacks are the costliest, traditional phishing attacks using email or malicious websites are also major threats to the healthcare sector. FBI’s Internet Crime Complaint Center (IC3) found that phishing was the most frequently reported cybercrime of 2021.

“Ransomware tactics and techniques continued to evolve in 2021, which demonstrates ransomware threat actors’ growing technological sophistication and an increased ransomware threat to organizations globally,” the FBI report noted.

“Although cybercriminals use a variety of techniques to infect victims with ransomware, phishing emails, Remote Desktop Protocol (RDP) exploitation, and exploitation of software vulnerabilities remained the top three initial infection vectors for ransomware incidents reported to the IC3.”

To mitigate risk, HC3 recommends healthcare providers protect each account with complex, unique passwords that contain a passphrase and/or a complex combination of letters, numbers, and symbols.

Additionally, users should avoid opening unsolicited emails from unknown senders and avoid installing downloads from untrusted publishers. Users are also encouraged to avoid visiting unsafe websites and clicking on pop-up windows that promise free programs that perform useful tasks.

Next Steps

Dig Deeper on Cybersecurity strategies