Mar 03 2016

Main Line Health Victim of Spear Phishing Attack

Main Line Health was reported to be the latest victim of a spear phishing attack that resulted in the exposure of its employees’ personal information. On February 16th, a Main Line Health employee received an email that appeared to be from a sender they recognized. This is what prompted the response that led to the current investigation.

Layer 8 Security spoke with NBC 10 Philadelphia yesterday to provide more input around the situation and what people can look for to avoid being a victim.

http://www.nbcphiladelphia.com/news/local/Spear-Phishing-Main-Line-Health-Employees-Pennsylvania-Philadelphia–370867511.html

In most cases, spear phishing is an email that appears to be from a person or company you know and trust, but ends up coming from a malicious sender. The intent of this attack is to trick the recipient into providing sensitive information, sometimes financial or medical in nature.

Often times spear phishing emails will include links or attachments. Opening either one will likely install a malicious piece of software on your computer with a varying impact. Some software will simply gather information from your machine and report back to the attacker, and others will grant an attacker full control over your computer.

Employees need to be aware of the danger these emails present to the company and their personal information. There are several things to look for in an email that can be a sign it may not be legitimate:

  1. Poor spelling and grammar

Attackers can be lazy when crafting these emails and it will show in the writing techniques used.

  1. The message asks for personal information

It’s usually a bad sign when a message is asking for too much personal information. Your bank for instance, does not need you to send your account number via email. They should already have that information on hand.

  1. You didn’t initiate the action

If you didn’t enter a contest to win that free trip to the Bahamas, the email claiming you have a prize waiting is one you want to avoid.

  1. Who is your reply going back to?

In some cases, simply looking at the address you will be replying to can reveal the original sender is not who you thought they were.

“These attacks are much more sophisticated than people think”, said Dan Costantino, Layer 8 Security’s Director of Consulting Services. “The key to prevention is having good people, process, and technology built around cybersecurity and ensuring your employees are receiving quality cyber hygiene training on a regular basis.”

BACK TO BLOGS