
Social Engineering Attacks Target Health Sector IT Help Desks


On April 3, 2024, the Healthcare Cybersecurity Coordination Center (HC3) issued an alert to the Healthcare and Public Health (HPH) Sector that threat actors are targeting the sector's IT help desks in a sophisticated social engineering attack. In this instance, threat actors are employing vishing, or voice phishing, as their attack vector.


The Vishing Attack

Posing as healthcare employees in a financial role, threat actors are calling IT help desks under the pretext that their phone is broken and they can no longer receive MFA (multi-factor authentication) tokens. The IT help desk employee then enrolls a new device in MFA, allowing the threat actor to “regain” access to corporate resources.

Why the Vishing Attack Works

This attack is successful for several reasons. First, the threat actors diligently researched their targets, likely using publicly available information sources and professional networking sites. As a result, they obtained sensitive information such as the last four digits of the target employee’s social security number and corporate ID number. With this sensitive information, they were able to provide convincing proof of employee identity and company status. Second, they created a sense of urgency by stating they had broken phones that do not accept MFA tokens. Through this sophisticated social engineering scam, they manipulated the IT employees into acting on their behalf. With access to corporate resources, the threat actors were then able to divert legitimate payments and install malware.

Protect Your Employees and Your Organization

How secure is your organization when an attacker calls your help desk or frontline staff? Our Managed Vishing Service proactively defends against malicious social engineering attacks. The team of experts at Social-Engineer, LLC will simulate realistic vishing calls to test your employees’ awareness and response to potential threats, while providing training on how to recognize and prevent such scams.

We are committed to combating the growing vishing threat by providing valuable insights through our 2024 State of Vishing Report. By analyzing over 16,500 recent vishing calls, we have identified trends and patterns that can help organizations better prepare for and prevent such attacks. Visit our website to download this free comprehensive report and register for a free online seminar with Chris Hadnagy, CEO and Founder of Social-Engineer, LLC, and Dr. Abbie Maroño as they break down the data in the 2024 State of Vishing Report.

Safeguard your business from the dangers of vishing today.
