Most of the world is using the internet when it comes to business, this is no exception for healthcare. In the healthcare world many hospitals have gone paperless and use devices as a way to keep records. In order to connect and sync all devices to each other, they have adopted the internet as their base communication form. Although the internet revolutionized the healthcare world, it also poses a threat when it comes to cybercrimes.
Below are some tips that may prevent cybercrimes in the healthcare world:
- Treat business information as personal information. As you wouldn't give out your personal information, do not give out business information or any personally identifiable information (PII).
- Do not make passwords easy to guess. When you create passwords be sure to select a password that is not easily guessed.
- Be up-to-date. Keep your machines up-to-date with the latest software. You can also set up your machines to auto-update, this will eliminate the process of manually updating all of your devices.
- Social media is part of the fraud tool set. Employees should avoid sharing any business information on social media, or conduct official business, exchange payment, or share PII.
- It only takes one time. In most circumstances, data breaches are caused by a single security vulnerability, phishing attempt, or incidence of accidental exposure.
E-Skimming
The Internet touches almost all aspects of our daily lives. We can shop, bank, connect with family and friends, and handle our medical records all online. These activities require you to provide personally identifiable information (PII) such as your name, date of birth, account numbers, passwords, and location information. #BeCyberSmart when sharing personal information online to reduce the risk of becoming the victim of a cybercrime.
What Is E-Skimming?
Cybercriminals introduce skimming code on e-commerce payment card processing web pages to capture credit card and personally identifiable information and send the stolen data to a domain under their control.
How Does It Work?
A skimming code is introduced to payment card processing websites by:
- Exploiting a vulnerability in the website’s e-commerce platform
- Gaining access to the victim’s network through a phishing email or brute force of administrative credentials
- Compromising third-party entities and supply chains by hiding skimming code in the JavaScript loaded by the third-party service onto the victim website
- Cross-site scripting which redirects customers to a malicious domain where malicious JavaScript code captures their information from the checkout page
Return to October National Cyber-Security Awareness Month
Follow along each week of October as we give tips to help keep your online life safe and secure. Share your appreciation for NCSAM with #BeCyberSmart and #CyberAware.
