Livanta Security Alert
June 4, 2021
Over the past several weeks, the Livanta Security Operations Center has noticed several e-mail phishing attacks originating from healthcare provider organizations. To address this disturbing trend and provide a safer online experience for everyone, Livanta’s Security Team has prepared this Security Alert, which is being shared widely.
Phishing attacks are dangerous because cybercriminals prey on the trust of individuals and use social engineering tactics to obtain private information. Phishing attacks are easy for cybercriminals to launch and are highly effective – which is why cybercriminals use them so frequently.
Please use these guidelines as a starting point and check with your organization’s Information Technology (IT) department or security personnel should you have questions about how best to prevent phishing attacks. Also, please forward this Security Alert to others who may benefit from the information.
The Livanta Security Team
To learn more about phishing, visit the Federal Trade Commission (FTC) website at:
To test your skills with free online training about phishing, go to:
Cybercriminals Want What You Have!
Cybercriminals are always looking for sensitive information, such as usernames, passwords, Personally Identifiable Information (PII), Protected Health Information (PHI), or other private information such as network system specifications or e-mail contact lists. Cybercriminals use this information to gain unauthorized access, steal identities, compromise other network systems, and spread their phishing campaigns to others. In some cases, this can lead to entire systems or networks being compromised or ransomware being launched. These types of cyber threats are extremely costly for any organization.
Social Engineering Can Be Very Damaging.
Once They Have Your Information …
Social engineering attackers use strategies similar to bait and trap techniques. Once cybercriminals compromise your e-mail account, they use your account to send out more phishing e-mails to your contacts. Thus, the phishing campaign grows exponentially. As the bait, these e-mails can contain something as simple as a weblink to a legitimate-looking document, file share, or web e-mail portal. You think you are at a legitimate website when you are actually at a fake or cloned site. Cybercriminals then trap you when they obtain your real username and password that you enter on their fake website. Unbeknownst to you, they later use your real credentials to log into your e-mail account and blast out more baited phishing e-mails to all your contacts from your e-mail address.
Defending Yourself Against Social Engineering
- Do you know this sender? Were you expecting what he or she sent to you?
- Is what he or she sent you out of the ordinary? Did the sender attach documents or invoices that require you to log in to an unknown website or system?
- The sender’s name might be someone you recognize, but is the e-mail actually coming from their legitimate e-mail address?
- Is the e-mail address the one that you normally use?
- Is the person’s standard e-mail signature missing or different than normal?
- Is the e-mail tagged with “External” – when it looks like it should be an internal email?
- If you are unsure whether you should trust an e-mail, contact the person separately and ask if the suspicious e-mail was legitimate. The sender’s email account may have been compromised without their knowledge or awareness of it.
- Scrutinize emails and avoid hasty replies. Do not act on or reply to emails until ensuring that they are legitimate.
- Use multifactor authentication, if available, for accessing websites that require credentials to log in. With multifactor authentication, if your account password is compromised, you will know when someone tries to log into your account.
- Report phishing e-mails to your IT or security staff so they can help with needed safeguards.
- If you believe that your e-mail account is compromised, notify your IT or security point of contact, and change your password immediately.