Protect your practice from cyberattacks

Organizations of all types and sizes are vulnerable to cyberattacks. The fraudsters that perpetrate these crimes do not discriminate, and they are becoming increasingly organized and sophisticated. Technical solutions such as anti-virus and malware detection software are imperative, but they do not catch everything. New threats emerge daily, so it is important to be aware of some common threats that have been troubling organizations recently. 

The general rule of thumb is simple: If the email seems suspicious, delete the email. Do not click on any links or open any attachments. Spam email is often obvious, but some of these hacking efforts can be quite clever and difficult to spot.

A few of the more prevalent and recent schemes are discussed below.

  1. The threat: Business email compromise.

    How it works: Hackers gather publicly available information about an organization and use it to target employees by sending them an email from an address that looks like the email address of a co-worker (usually an executive). The fake email requests that the recipient transfer company funds to the hacker's fraudulent account. Another very common scheme is doing the same thing, but targeting an organization's human resources department and asking staff to send employee W-2 forms to the spoofed email address. The W-2s (which include social security numbers) instead go to the hacker's email address.

    What to look for: Pay close attention to the email's "from" address. Often, hackers will use an email that is similar, but not identical, to another staffer's email address. For example, if a co-worker's email address is joe.executive@dentalpractice.com, hackers may send a spoofed email that is j0e.executive@dentalpractice.com.

    What to do: If the email is obviously illegitimate, delete it immediately and do not click links or open attachments. If users are unsure whether it is legitimate, simply call and ask the person if they sent it. Practices should have an authentication and validation process in place before any payments or transmissions of sensitive data can be initiated.

  2. The threat: Click-bait/URL misdirection.

    How it works: A user browsing the web logs into a database or follows a link to an unfamiliar site. The site silently installs malicious software or drops a file onto the user's system, which opens the door to further malware.

    What to look for: Unfamiliar links or databases.

    What to do: Be vigilant while browsing the web. Only visit trusted sites and log into databases needed to perform job duties.

  3. The threat: Ransomware attacks.

    How it works: Hackers send spam that includes a URL link or an attached document. When the recipient clicks the link or opens the attachment, malicious software is introduced to the organization's network. This kind of malware, known as ransomware, encrypts files on the network so they are inaccessible to the user. It then instructs the recipient to pay a certain amount of money to unlock the files.

    What to look for: Emails, as described above, that are similar but not identical to a known address. Also watch for emails that are from unknown senders and emails that contain unusual links or attachments.

    What to do: Do not open suspicious emails. Delete them immediately. If the email came from a recognized address but doesn't look quite right, confirm verbally with the sender that it is legitimate. If the link or document is opened and does contain ransomware, do not delete the email. Recipients should shut down the computer as soon as possible to remove it from the network and call their IT vendor.

  4. The threat: Social engineering.

    How it works: Using publicly available information, fraudsters call staff members and ask them questions in order to gather enough information to infiltrate the organization's IT infrastructure. Often, these hackers pretend to be representatives of a vendor or service provider and ask about the organization's network, usernames/passwords, IP addresses, network maintenance schedules, etc.

    What to look for: Calls from people claiming to be vendors or service providers or those asking seemingly random questions that do not pertain to the job.

    What to do: If a call seems strange and the caller is asking questions that are very specific or unusual, politely end the call. If the caller claims to be from a vendor that the organization uses, but is asking unusual questions or is otherwise out of the ordinary, employees should tell the caller that they will call back, then call the vendor directly with the vendor's usual contact information.
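The lookalike-address check described under business email compromise (joe.executive versus j0e.executive) can be automated at the mail gateway or in a mailbox rule. The following is an added example written for this article, not code from CDA or any product; the staff directory and the confusable-character table are constructed for illustration, and the check folds visually similar characters before comparing a sender to the directory so that near-matches are flagged rather than silently trusted.

```python
import re
import unicodedata

# Constructed sample staff directory (hypothetical addresses for illustration).
STAFF_DIRECTORY = {
    "joe.executive@dentalpractice.com",
    "hr.manager@dentalpractice.com",
}

# Characters commonly substituted to make one address look like another.
CONFUSABLES = str.maketrans({
    "0": "o", "1": "l", "3": "e", "5": "s", "7": "t", "8": "b", "|": "l", "!": "i",
})


def normalize(address: str) -> str:
    """Lower-case, strip accents and fold confusable characters so that
    visually similar addresses compare equal."""
    addr = unicodedata.normalize("NFKD", address.strip().lower())
    addr = "".join(ch for ch in addr if not unicodedata.combining(ch))
    return addr.translate(CONFUSABLES)


def extract_address(from_header: str) -> str:
    """Pull the bare address out of a From: header such as
    'Joe Executive <j0e.executive@dentalpractice.com>'."""
    m = re.search(r"<([^>]+)>", from_header)
    return (m.group(1) if m else from_header).strip()


def classify_sender(from_header: str, directory=STAFF_DIRECTORY) -> str:
    """Return 'known' for an exact directory match, 'lookalike' when the
    address only matches a directory entry after confusable folding
    (the j0e.executive case), and 'external' otherwise."""
    addr = extract_address(from_header).lower()
    if addr in directory:
        return "known"
    folded = normalize(addr)
    if any(folded == normalize(known) for known in directory):
        return "lookalike"
    return "external"


if __name__ == "__main__":
    for hdr in ("Joe Executive <joe.executive@dentalpractice.com>",
                "Joe Executive <j0e.executive@dentalpractice.com>",
                "billing@supplier-example.com"):
        print(f"{classify_sender(hdr):9s} {hdr}")
```

A "lookalike" verdict is the cue for the verbal confirmation step above; the folding table only covers common digit-for-letter swaps, so it complements rather than replaces a careful look at the "from" address.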

Remaining vigilant goes a long way in helping to protect the practice and keep patient information confidential. 

For more information, visit cda.org and look under "privacy/HIPAA."
