Paubox blog: HIPAA compliant email made easy

Why smart phones are an easy target for display name spoofing

Written by Sara Nguyen | December 14, 2021

Healthcare providers know that HIPAA compliant email is necessary to keep protected health information (PHI) secure from unauthorized recipients. However, healthcare providers often don't recognize the benefits of using inbound email security tools. Keeping your employee's inbox safe from malicious emails is crucial to keeping your network secure.

One of the most common email scams involves display name spoofing emails, and healthcare providers should take steps to protect themselves from it.  And because of the way display names work on your phone, mobile devices are especially vulnerable to this type of attack.

 

What is display name spoofing?

Display name spoofing is a type of phishing email attack that specifically leverages a person's trusted circle. Cybercriminals create an email address that looks similar to your boss's email address, and they set the email display name to be your boss's name.

People may not realize that they are interacting with someone posing as their colleague or friend and then the cybercriminals will scam the recipients out of money or sensitive information. This tactic relies heavily on social engineering and inattentive people to successfully work.

 

How can people spot display name spoofing on their mobile phones?

Display name spoofing is particularly successful on mobile phones. You have to go out of your way to view the sender's email address behind the display name: Tap to open the email; tap again on the display name to double-check that the email is legitimate. 

This makes it easy for recipients to be deceived by fake email addresses since they may not check the sender's email address before replying, opening attachments, or clicking on links. If a person is not trained to recognize phishing schemes, they could easily fall victim to a display name spoofing email.

 

How to prevent employees from interacting with display name spoofed email addresses

Healthcare providers should raise awareness among their employees about malicious emails by hosting cybersecurity training programs . Employees need to be taught to evaluate every email they receive for potential phishing scams. However, humans are prone to error. It's possible that they make a mistake like not noticing a fake email address.

That's why healthcare providers should consider using inbound security tools like ExecProtect that will recognize spoofed email addresses and block them from even entering an employee's inbox.  Paubox Email Suite Plus also has robust inbox protection against threats like spam , ransomware , phishing, and viruses. Investing in cybersecurity will pay off in the long run when you aren't facing the costly consequences of a cyberattack. 

 

Try Paubox Email Suite Plus for FREE today.