The Health Information Cybersecurity Coordination Center issued a warning Aug. 10 about a phishing campaign targeting healthcare providers.
Four things to know:
- The emails have an Evernote theme that lures recipients into downloading a Trojan file generating a login prompt to steal credentials.
- The emails are personalized and lures used in the phishing emails may vary; however, the emails seen by HC3 have the subject line "[Organization Name] [Date] Business Review" and have a Secure Message theme.
- The link included in the phishing email directs people to Evernote's site, where they're prompted to download an HTML file dubbed (3).html. The file includes JavaScript code that attempts to steal credentials and access email accounts.
- The HC3 recommends email security solutions for blocking phishing emails including web filters, antivirus software for identifying Trojans and other malicious code and multifactor authentication to block unauthorized access to email accounts.