Following a surge in cyber threats, a report from Abnormal Security finds a substantial increase in phishing attacks targeting organizations across Europe and the United States.
The volume of phishing attacks targeting European organizations surged by 112.4% from April 2023 to April 2024, according to the report: Email Security Threats in Europe: Insights into Attack Trends by email security provider Abnormal Security. During the same period, phishing attacks in the US rose by 91.5%.
Phishing remains a favored tactic among cybercriminals due to its effectiveness in gaining unauthorized access to sensitive information. These attacks often start with deceptive emails that trick recipients into disclosing login credentials or downloading malware.
Related: Tips to spot phishing emails disguised as healthcare communication
Abnormal Security’s report highlights the evolving sophistication of phishing techniques, which include spear-phishing and business email compromise (BEC). These tactics aim to exploit organizational vulnerabilities and facilitate data breaches.
According to Abnormal Security: "Increasingly sophisticated phishing tactics pose a significant threat to organizational cybersecurity. These attacks serve as pivotal entry points for cybercriminals, often leading to data breaches and other malicious activities."
Organizations must enhance email security measures and conduct regular training to educate employees. The training should be about recognizing and reporting phishing attempts. Using HIPAA compliant email services, implementing multi-factor authentication and robust email filtering systems can significantly mitigate these risks.
Healthcare organizations and enterprises must prioritize cybersecurity investments and employee education to thwart phishing attacks effectively. Organizations can mitigate risks and safeguard sensitive information against evolving cyber threats by fortifying defenses and promoting a vigilant workforce.
Read more: Unpacking the benefits of cybersecurity in healthcare
Phishing emails often contain urgent requests for personal information, poorly written content, or unexpected attachments or links. Always verify the sender's email address before responding or clicking any links.
Organizations can enhance their defenses by implementing robust email filtering systems, conducting regular phishing simulation training for employees, and adopting multi-factor authentication for accessing sensitive data.
If you suspect an email is phishing, do not click on any links or download attachments. Report the email to your healthcare organization's IT or security team immediately, and delete the suspicious email from your inbox.