Health Sciences ITS warns of cyber security threat

The Department of Health and Human Services (HHS) has shared that a major threat to the healthcare sector has been identified. The FBI is working to declassify information.

Our request to you is to please slow down when opening external emails. Be skeptical of the email sender and verify the source before you fall victim of a phishing attack. Phishing attacks are used to trick employees, physicians, researchers and clinicians into opening an attachment or clicking on a link that may contain ransomware or other malware. The phishing attacks also attempt to collect your user ID and password.

The scammers are targeting you, our Healthcare Heroes, who are working so diligently to keep us healthy during the COVID-19 pandemic.

Be wary of external emails with the following subjects or contents where bad actors mimic trusted brands:

• HHS Covid-19 Vaccine Tracker – The email display name may appear as “health & human services” and the email subject may contain “Covid-19 Vaccine Tracker”, but other similar names and subjects may be used.
• Microsoft Teams Invitations or Alerts – The URL may be slightly modified, such as, "microsftteams."
• Basecamp — An online project management tool called Basecamp is being used to download the Ryuk ransomware.
• Notification – Email containing “View Document” appearing as a hsc.wvu.edu One-Drive documents.

These are just a few examples. The scammers will develop new attacks. You must always verify the sender email address before opening an attachment and verify web links by hovering over the link before clicking. If you have any questions about the validity of an email, please contact the HSC Help Desk before entering login credentials into a login screen, opening an attachment or clicking on a link.

Please report suspicious emails by forwarding the email to hsc_helpdesk@hsc.wvu.edu or by calling the HSC Help Desk at 304-293-3631, option 1.