For the report, the security awareness training platform KnowBe4 analyzed more than 10,000 email severs, 82 percent of which they deduced were misconfigured. This incorrect setup leaves room for a cyberattacker to send emails under a company’s own domain, to impersonate an administrator, executive or another employee. These emails might ask the recipient to update their email account credentials, leaving them vulnerable to phishing and ransomware attempts.
Phishing emails are the main way ransomware is disseminated, according to the report. The three phishing subject lines that employees were most likely to click included: “Email Account Updates,” “Re: Your Vacation Request” and “Internet Capacity Warning.”
More articles on health IT:
Scripps to study text messaging, diabetes management with $2.9M NIH grant
Virtual medicine to take on larger role in army medicine
OSF HealthCare, NIH & AHA to establish online medical journal for 3D heart modeling
