As part of a campaign to educate our workforce about email phishing attacks, Ballad Health team members recently completed a CBL about phishing email safety. To continue the campaign, we’ll also include periodic safety tips and reminders in Ballad Health News.
A lot of team members may not realize that phishing attacks on our email don’t just occur through our desktop computers, but in fact the majority of incidents are through our cellphones – because cellphones are actually the most vulnerable piece of equipment.
We have an Information Technology team working diligently to fend off attacks to our Ballad Health system. But these protections do not extend to cellphones often used on free Wi-Fi networks or on cellphone carrier networks. Additionally, for many people the anti-virus software on their cellphone may not be very good, if there’s any installed at all. Therefore, opening web pages within emails or attachments on your cellphone could still expose your credentials to unknown attackers.
All Ballad Health users should:
- Turn on added security functions – At the least, use a PIN for log-in, but your phone may also may offer fingerprint, facial or iris recognition.
- Make sure you’ve got your inactivity timeout setting engaged, so when you’re not using the phone, after a certain amount of time the screen goes off and it requires a PIN or other security measures to use it again.
- Keep your phone updated with the latest software version provided by the carrier.
- Remove/uninstall unused “free applications.”
- If you suspect an email has a link, or a link within an attachment, that could be a phishing attempt, before opening any link within the email, press and hold your finger on the link (for 1-2 seconds, until the actual web page address pops up) to see what website the link will open. If you don’t recognize the website, close the email. If the email was received within your Ballad Health email account, please contact the IT Service Desk to report this issue as a potential phishing attack.
If you’ve got questions or concerns about phishing attacks, or think you may be a victim, contact the Ballad Health IT Service Desk and select “Option 8.”
