Cyber schemers continue to target hospital IT help desks | AHA News
AHA
|
Contributed by: Drex DeFord
Summary
The American Hospital Association (AHA) has reported an ongoing IT help desk social engineering scheme in which threat actors use stolen identities of employees in financial roles to bypass multi-factor authentication and gain unauthorized access to employee email accounts and systems. Leveraging the employees' personal information, these presumably foreign-based actors contact IT help desks to reset passwords and add new devices for receiving authentication codes, facilitating fraud and malware distribution. The AHA recommends enhancing IT security protocols—such as verification callbacks, video calls, and requiring in-person requests for sensitive actions—to mitigate risks. Victims of such schemes are advised to immediately inform their financial institutions and the FBI via www.ic3.gov. The AHA continues to provide guidance and updates on cybersecurity threats through their platform.
