The hackers, posing as Vanderbilt University Medical Center employees, would send victims fake HIV test results in attempts to download malware on their computers. Hackers were targeting insurance providers, healthcare personnel, pharmaceutical organizations and others.
The phishing emails claimed to come from “Vanderbit [SIC] Medical” and included the subject line “Test result of medical analysis.” In the body of the email, recipients were encouraged to open a Microsoft Excel document named “TestResults.xlsb,” which claimed to be the recipient’s HIV results.
If a recipient opened the malicious excel document, they were directed to enable macros. From there, the malware would be downloaded onto the recipient’s computer, allowing the hacker to take complete control over the system.
Proofpoint recommends individuals be especially cautious if they receive an email from a healthcare provider, especially emails that have sensitive health-related information.
More articles on cybersecurity:
State-by-state breakdown of ransomware attacks on healthcare providers
5 recent data breaches caused by human error
Indiana hospital alerts 2,600 patients of human error data breach