HIPAA Corner: Phishing

You may not realize it, but you are a phishing target both at work and at home. Your information is worth a tremendous amount of money to cyber criminals. YOU are the most effective weapon to detect and stop phishing.

What is phishing?
Phishing is a psychological attack used by cyber criminals to get you to give up information they can use. They may target credentials (such as your username and password) or personal information (such as your Social Security number, bank account number, or credit card numbers). They may also try to get you to take an action, such as clicking on a link that will download malware to your computer.

What do I need to look for?
Baptist has an email gateway that blocks any messages that have been identified as phishing. However, cyber criminals make frequent changes, so some phishing emails may still get through to your mailbox. Please note the following:

  • Watch for awkward grammar and/or spelling errors.
  • Be careful of links – if you hover over a link, the URL that appears may be different from the one shown in the link text. But even if the URL looks OK, it could be disguising a malicious site. It is safer to go directly to the company’s website and look for the information, rather than accessing it through a link in an email.
  • Be suspicious of attachments if you are not expecting them.
  • Be suspicious if it sounds too good to be true.
  • Be cautious even if the email comes from a friend or colleague – check with the sender first.

What do I do if I receive a suspicious email?

  • Don’t respond, don’t open any documents and don’t click any links.
  • If at work, call the Help Desk at 77777 or 1-888-838-3777 for further guidance.
  • If at home, delete the email immediately. You may need to run your anti-malware program again to check that nothing was downloaded to your home computer. Always keep your anti-malware up to date.