Security Market Segment LS
Tuesday, 12 February 2019 11:07

Healthcare comes under sustained email fraud attack

Healthcare comes under sustained email fraud attack Image courtesy of Stuart Miles at

Healthcare organisations were targeted in 96 email fraud attacks on average in the fourth quarter of 2018 – a 473% jump from the first quarter of 2017, according to a new global cyber security report.

The report, by security firm Proofpoint, reveals that more than half of healthcare organisations globally were attacked more often, with incidents up between 200% and 600% during the two-year period.

Proofpoint says email fraud, also known as business email compromise, is one of today’s biggest cyber threats and, according to the FBI, BEC has cost organisations across the world US$12.5 billion — or over A$17.5 billion — since the end of 2013.

As part of these attacks, Proofpoint says cyber criminals often use identity deception tactics, such as domain spoofing, to pose as trusted colleagues and business partners, and in Q4 2018, 95% of healthcare organisations were targeted by an attack using their own trusted domain.

“Healthcare organisations are high-value targets for cybercriminals due to the large amounts of personal information that they store. Unfortunately, these organisations are also extremely vulnerable to email-based attacks as their often-complex supply chains offer multiple opportunities for cyber criminals to insert themselves into various business transactions and trick employees into sharing information or wiring funds,” said Tim Bentley, Proofpoint’s vice-president of Asia-Pacific and Japan.

“It is critical that organisations implement a multi-layered security approach to secure the email gateway and educate employees on cyber security best practices. Employees should always confirm the source of all emails that are sent to their personal and corporate email inboxes and be wary of emails that urgently request a password change, patient data, or a link be clicked.”

Proofpoint lists additional healthcare research findings as:

  • Wire-transfer fraud is the most common form of email fraud for healthcare.
  • Sixty-five staff members on average were attacked in Q4 2018 within targeted healthcare organisations.
  • Forty-five percent of emails sent from healthcare-owned domains in Q4 2018 appeared suspicious. Of these, 65% were sent to employees, 42% were sent to patients, and 15% were sent to business partners.
  • The highest volume of email fraud attacks targeting healthcare arrived on weekdays between 7am and 1pm in the targets’ time zone.


Did you know: 1 in 10 mobile services in Australia use an MVNO, as more consumers are turning away from the big 3 providers?

The Australian mobile landscape is changing, and you can take advantage of it.

Any business can grow its brand (and revenue) by adding mobile services to their product range.

From telcos to supermarkets, see who’s found success and learn how they did it in the free report ‘Rise of the MVNOs’.

This free report shows you how to become a successful MVNO:

· Track recent MVNO market trends
· See who’s found success with mobile
· Find out the secret to how they did it
· Learn how to launch your own MVNO service


Peter Dinham

Peter Dinham is a co-founder of iTWire and a 35-year veteran journalist and corporate communications consultant. He has worked as a journalist in all forms of media – newspapers/magazines, radio, television, press agency and now, online – including with the Canberra Times, The Examiner (Tasmania), the ABC and AAP-Reuters. As a freelance journalist he also had articles published in Australian and overseas magazines. He worked in the corporate communications/public relations sector, in-house with an airline, and as a senior executive in Australia of the world’s largest communications consultancy, Burson-Marsteller. He also ran his own communications consultancy and was a co-founder in Australia of the global photographic agency, the Image Bank (now Getty Images).



Recent Comments