Social engineering
Social engineering involves the manipulation of individuals to divulge confidential information or perform actions for malicious purposes.
In 2023, healthcare organisations encountered a 279% increase in business email compromise (BEC) incidents. Socially engineered email attacks such as BEC against the healthcare sector are continuing to rise in popularity. Techniques are ever-adapting and the increased popularity of AI and machine learning have made this attack vector more accessible than ever.
Best practices
Here are some key tips to practice if you're ever unsure of a message:
- Ask yourself questions and assess any content carefully before reacting.
- Always navigate manually – visit websites independently and avoid suspicious links.
- If you need to verify someone’s identity, try reaching out to the sender through another platform.
- If an offer sounds too enticing, think twice before accepting it as fact (e.g. vouchers, invoice receipts and account notifications).
- Be aware of spoofed email domains (e.g. ‘unm1nd.com’, ‘unmind.co.uk’).
Our collective responsibility
Ensuring best practice is especially important in today’s climate. Clients trust us with their data, including sensitive health information.
Unmind employees and practitioners have an individual and collective responsibility to mitigate risks associated with social engineering.
Add comment
Article is closed for comments.