U.S. Department of Health Alert: Hackers are Targeting IT Help Desks at Healthcare Organizations

Hackers Targeting IT Help Desks HealthcareA new sector alert published by the U.S. Department of Health and Human Services outlines new attacks in which social engineering is used to obtain credentials for online fraud.

The details of how these attacks happen shows how determined and sophisticated these threat actors are.

According to the latest HC3 Sector Alert, the U.S. Department of Health is making healthcare organizations aware of cybercriminals intent on gaining unauthorized access to user accounts for “employees in a financial role (specifically in revenue cycle or administrator roles)."

These attackers call IT help desks and are able to provide key personal details to validate identity “including the last four digits of the target employee’s social security number (SSN), corporate ID number, and other demographic details.”

This shows how details from one data breach can be used later in another by a completely separate threat group.

Once credentials are obtained, the threat actor targets payer websites where they make banking account detail changes so that payments are sent to attacker-controlled accounts.

The alert recommends strengthening multi-factor authentication (MFA), implementing conditional access, and even blocking external access of credentials if not within the corporate network. 

I’ll add that IT helpdesk personnel should be enrolled in security awareness training so they are aware of such scams and treat each call involving credentials as a potential threat. Additionally, organizations should put in additional controls and/or processes specifically for those with access to financial data and applications when credentials are involved.

KnowBe4 empowers your workforce to make smarter security decisions every day. Over 65,000 organizations worldwide trust the KnowBe4 platform to strengthen their security culture and reduce human risk.

Free Phishing Security Test

Would your users fall for convincing phishing attacks? Take the first step now and find out before bad actors do. Plus, see how you stack up against your peers with phishing Industry Benchmarks. The Phish-prone percentage is usually higher than you expect and is great ammo to get budget.

PST ResultsHere's how it works:

  • Immediately start your test for up to 100 users (no need to talk to anyone)
  • Select from 20+ languages and customize the phishing test template based on your environment
  • Choose the landing page your users see after they click
  • Show users which red flags they missed, or a 404 page
  • Get a PDF emailed to you in 24 hours with your Phish-prone % and charts to share with management
  • See how your organization compares to others in your industry

Go Phishing Now!

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:


Subscribe to Our Blog

Comprehensive Anti-Phishing Guide

Get the latest about social engineering

Subscribe to CyberheistNews