Vanderbilt University Medical Center’s (VUMC) Enterprise Cybersecurity Unit is issuing a new warning about email spoofing and phishing attacks.
The Cybersecurity Unit is detecting phishing emails being sent using “spoofed” (stolen or falsified) names of Medical Center employees as bait to try to attract fellow employees to unknowingly engage in fraudulent financial activity.
A recent example uses an employee’s name in an email to a colleague to encourage the recipient to quickly purchase and send along check cards.
Review best practices to protect yourself from phishing attacks by learning how to distinguish a phishing email from a legitimate email. Often, simply looking at the sender’s email address can help you quickly determine if an email is fraudulent.
A phish is made to look like a legitimate email, be it from a friend, a business or even an organization. The email usually comes from a phony email address that may only be one or two characters different from the real account, or it can come from a real account that has already been compromised.
The volume of phishing emails has grown by 33% since 2016 in the five most targeted industries, with healthcare being among the top five.