Paubox blog: HIPAA compliant email made easy

Display name spoofing: A root cause of many cyberattacks

Written by Shawn Dickerson | November 30, 2022

Popular culture or our own preferences often skew our perspective on the source of cyberattacks in healthcare. For example, we often assume they result from highly technical approaches rather than simple attack vectors like display name spoofing.

It’s often more convenient to think that all cyberattacks start with a skilled hacker. For example, an eavesdropping attack or an SQL injection attack can require some development chops. A defensive strategy for these types of attacks relies more on technology and security policies than user education and training. In other words, they’re easier to control.

 

Healthcare and socially engineered cyberattacks

 

In reality, however, most healthcare cyberattacks rely on social engineering. With that approach, an attacker tricks employees or partners into taking an action that leads to a breach. In fact, according to Deloitte, “91% of all cyberattacks begin with a phishing email to an unexpected victim.”

SEE MORE: What is an email phishing attack?

 

Display name spoofing attacks

 

Display name spoofing is one of the most common types of phishing attacks. With this tactic, an attacker alters the display name on an email header to look like it’s coming from a trusted source. These attacks can be especially dangerous when an employee reads the email with a mobile device. On a smartphone, for example, the actual sending email address is often hidden, leaving only the display name to identify the sender.

According to Cybernews, most spoofing attacks try to “invoke a sense of urgency or fear in victims. This tricks users into clicking on malicious links, sending money to scammers or opening attachments with scripts.” When supposedly coming from a company executive, spoofed emails often just ask for a timely reply, which in turn leads to more damaging instructions.

 

Paubox ExecProtect: Eliminate display name spoofing

 

Paubox is helping healthcare companies eliminate display name spoofing attacks through a patented technology called ExecProtect. This innovative tool is available as part of the Plus and Premium editions of Paubox Email Suite. Here’s how it works:

  1. A bad actor sends an email impersonating the CEO or another company executive.
  2. Paubox ExecProtect checks if the email is an approved email address for the CEO.
  3. If it is not, the email is quarantined, and the admin is notified.

Straightforward and effective. Here’s how the IT Director at Jellyvision, a healthcare benefits technology company, puts it: “ExecProtect is beautiful – since we started using it, we haven’t had a spoofed executive email come through.”

 

ExecProtect provides ease of email security

 

Leveraging ExecProtect offers a number of compelling benefits to healthcare providers and other covered entities. With it, those organizations are able to:

  • Eliminate display name spoofing attacks, which today cost providers an average of $3.2 million in hard costs and lost productivity per breach.
  • Require zero training for internal teams because attacks are stopped before employees see them.
  • Easily set it up with an existing email platform.

 

SEE MORE: Paubox Email Suite inbound security

 
View full post