Hackers impersonate Vanderbilt University Medical Center to lure victims in phishing attacks

Mackenzie Garrity -

In a recent phishing scheme, hackers impersonated clinicians and executives at Nashville, Tenn.-based Vanderbilt University Medical Center, according to researchers at Proofpoint, which discovered the cyberattack.

The hackers, posing as Vanderbilt University Medical Center employees, would send victims fake HIV test results in attempts to download malware on their computers. Hackers were targeting insurance providers, healthcare personnel, pharmaceutical organizations and others.

The phishing emails claimed to come from "Vanderbit [SIC] Medical" and included the subject line "Test result of medical analysis." In the body of the email, recipients were encouraged to open a Microsoft Excel document named "TestResults.xlsb," which claimed to be the recipient's HIV results.

If a recipient opened the malicious excel document, they were directed to enable macros. From there, the malware would be downloaded onto the recipient's computer, allowing the hacker to take complete control over the system.

Proofpoint recommends individuals be especially cautious if they receive an email from a healthcare provider, especially emails that have sensitive health-related information.

Copyright © 2024 Becker's Healthcare. All Rights Reserved. Privacy Policy. Cookie Policy. Linking and Reprinting Policy.