The FBI released information this week for cybersecurity professionals and hospital administrators to use to protect their organizations from cyber threats during the pandemic.
The FBI was notified of email phishing attempts targeting U.S.-based medical providers. Cyber criminals used email subject lines and COVID-19 related content to send out malicious attachments, which exploited Microsoft Word document files, Microsoft Visual Basic Script and Java software, among others.
Here is a list of recommendations for healthcare providers to avoid email phishing attempts during the pandemic, according to the FBI:
1. Closely examine email addresses that send unsolicited attachments; cyber actors can manipulate the return address to make the email appear to have been sent from a trusted associate's account.
2. Install software patches and keep software up to date so attackers can't capitalize on known vulnerabilities or problems.
3. Do not open an email or email attachment if it seems suspicious; attackers are always releasing new viruses that antivirus software may not have the signature for yet. If you do open an attachment, save and scan it before doing so.
4. Turn off the automatic download attachment options on email accounts if possible.
5. Create separate user accounts for the computer and restrict reading email privileges to a single account as some viruses need "administrator" privileges to infect a computer.