BitsnBytes Fall2023

Bits & bytes Fall 2023 6 R ecent reports indicate a surge in cybercriminals exploiting hospitals and health system IT networks through ‘smishing’—phishing via text messages sent to employees’ cell phones, as stated in Digital Health Insights (August 21, 2023). The U.S. Department of Health and Human Services’ (HHS’) Office of Health Sector Cybersecurity Coordination Center positions smishing among health care’s top cybersecurity threats, along with data breaches, distributed denial-of-service (DDoS) attacks, ransomware, and malware assaults. How Do Smishing Attacks Work? Similar to email phishing, smishing attacks involve strange attachments or convincing messages that prompt users to click on links containing malware or unwittingly share private data. These messages often mimic legitimate organizations using emotional triggers or urgent scenarios to coerce quick responses. Healthcare Staff on Alert: Cyber Threats Exploit Cell Phones through Smishing and MFA Vulnerabilities Targeting Healthcare Employees’ Cell Phones The reason for targeting healthcare employees’ cell phones is to lessen the effectiveness of multi-factor authentication (MFA). This security process requires users to provide two or more verification factors before accessing resources or systems. MFA authentication methods include passwords, personal identification numbers, fingerprints, voice recognition, and badge or smartphone password. As MFA often relies on phone-based authenticators, compromising cell phones through smishing can jeopardize all authentication efforts. You’re a WINNER! Follow the link to claim your $1,000 Amazon gift card! www.freeamazongiftcard.com We have identi ied some unsual activity on your account. Please log in via http;/ /bit.do/dsqW3J to secure your account. Your Apple ID account has been locked due to unauthorized login attempts. Please login here and very your information. http;/ /apple-account-update.com