One of the latest ways hackers are getting into hospital and health system IT networks is through "smishing," or phishing via text messages, HHS reported Aug. 10.
The agency's Office of Information Security and Health Sector Cybersecurity Coordination Center now list phishing and smishing as the top cyber threat in healthcare.
Much like email phishing, smishing attacks try to trick users into clicking on a link that either sends the hacker private information or downloads malware onto their devices, according to the report. HHS suggests hospitals and health systems encourage their employees to:
— Beware of "urgent" text messages.
— Confirm phone numbers.
— Not respond to unknown numbers.
— Avoid sharing password info.
— Use antivirus or antimalware software.
— Employ multifactor authentication.
— Avoid clicking in-message links.
iPhone users can also "filter unknown senders" in their message settings, while Android users can "activate caller ID and spam protection" in theirs, HHS said.