A few weeks ago, the EdgeWave EPIC cyber ops team warned against phishing campaigns targeting the medical industry.  This week we are seeing more aggressive actions in these campaigns.  Since Monday we have blocked over 700K malicious messages targeting a medical related site.  iHealth Beat reported last month that the health care industry lags behind other verticals in email security.  Getting unsuspecting people to click on bad email links is the easiest and most prevalent method hackers and criminals use to implant malware.  Additionally and possibly related, our analysts have noted in increase last week in medical website rating requests, which means that new sites are popping up out of nowhere, which is very suspicious.

The most likely reason for both is the upcoming Affordable Care Act open enrollment period, which begins on 15 November.  Many people are likely to look for information on health care.  However, this also provides an opportunity for crooks to take advantage of the enrollment period.  We advise everyone to be weary of malvertising campaigns offering health insurance.  Remember, it is always best to just type in the URL of the website or use Google rather than trusting a link in an ad or email.  Awareness of small things can provide a lot of protection.

EdgeWave EPIC is a Military-Grade approach to cyber security that combines expert analyst review, advanced technology and a rigorous cyber operations approach to deliver real-time, active defense against cyber threats. Learn more or watch a short video.