Phishing & Email Security

Learn to recognize phishing e-mails and protect yourself online.

Phishing (n); \ˈfi-shiŋ\

Phishing is a method used by criminals to obtain private information for the purposes of identity or data theft.

Every month, medical professionals around the country succumb to “phishing” scams. Unsuspecting individuals receive fraudulent emails linking to copycat websites, which attempt to trick recipients into revealing valuable personal information. This usually includes usernames and passwords that control access to databases of sensitive financial and medical records of patients and employees of a hospital.

Phishing Catastrophes

Doctors Taking the Bait

January 2014

Baylor Medical Center announced that 1,981 patients had personal and medical information compromised after several medical center physicians responded to phishing scam emails.

Hook, Line, and Sinker

December 2013

The UC-Davis Health System announced that personal and medical information of ~1,800 patients had been compromised by a phishing email scam that affected three UC-Davis clinicians.

Caught By The Net

October 2013

Saint Louis University announced that several employees provided personal information in response to a phishing scam, compromising the sensitive information of ~3,000 patients.

Protect Yourself

You don't have to take the bait! Keep yourself safe from phishing by following these three steps:

  1. Learn to recognize phishing. Take a look at the example message to your right →

  2. Enable two-factor on your accounts, the only  bulletproof phishing protection.

  3. Check your healthcare providers' score in our e-mail security scorecard

  4. Ask your IT department if they enabled anti-phishing mail policies.

What should I do with suspicious email?

Just delete it! If you know the sender, you might give them a call to ask if they really sent the message. If you're feeling proactive, you can consider forwarding the message to your IT department. If you receive suspicious emails, then it's likely other people at your institution are receiving them too.

Recognizing Phishing

You Scored:


The Trustworthy Healthcare Initiative — © 2014-2015
This work is licensed under a Creative Commons License.