Cybersecurity attacks are on the rise and healthcare organizations like UConn Health are often targets. Cyber-attacks can corrupt devices, disable networks and allow bad actors to access patient and employee information. Quite simply, successful cyberattacks put patient safety and privacy at significant risk. We must all work together to lower this risk for our patients and all of UConn Health.
“Phishing” is the most common type of cyberattack. In this scheme bad actors will send you an email and “trick” you into opening an attachment or clicking a harmful link, allowing them to imbed viruses in your device and gain access to all of the data anywhere in your email account. Some viruses will then send phishing emails that look like they’re from you to other individuals at UConn Health. The cycle repeats and the damage multiplies.
To help prevent phishing attacks, look for emails that contain:
- An urgent message that asks for your quick reply
- A plea for help or financial assistance for a person, cause, campaign, or organization
- Offers that sound too good to be true
- Misspelled words and poor grammar
- Mismatched email address information – look at the email address, not just the sender – make sure the display name matches the email address
- Generic signature lines – make sure you can verify that the name and contact information are credible
- Unexpected requests regarding personal information – be wary of clicking links or answering questions from contacts that you didn’t initiate
- Unsolicited attachments
Strong security of your work and personal devices can also deter the theft of UConn Health’s data.
Remember to:
- Use strong passwords and change them often
- Create different passwords for different computers
- Use 2-factor authentication when available
- Install and update antivirus software frequently, including personal devices and networks
If you receive an email that looks suspicious, click the “Report Phish” button in the upper right corner of your screen. Please contact the Help Desk or IT Security for phishing or security questions and the Office of Healthcare Compliance and Privacy for privacy-related questions or guidance.