USA Health Homepage

Navigation

Beware: Suspicious emails may be phishing attacks

Employees who receive a suspicious email are urged to avoid opening it and to forward the email to USA Health IT for review.

Published Jun 29th, 2021

USA Health employees should be on the lookout for fraudulent emails from recently observed phishing attacks that could pose a threat to our organization’s sensitive information.

A phishing attack, or a phishing scam, is a cybercrime in which an attacker sends a fraudulent email pretending to be someone (such as the CEO of your organization) or something they’re not (Google), in an effort to extract sensitive information from the recipient.

The attacker attempts to create fear, curiosity and/or a sense of urgency to entice the receiver to comply when prompted to open an attachment or provide sensitive information (such as a username, password, or credit card number).

“The senders of the phishing email are not interested in who you are,” said Carrie Pace, assistant chief HIPAA compliance officer for USA Health. “They are casting a net and hoping someone bites.”

Employees who receive a suspicious email are urged to avoid opening it and to forward the email to USA Health IT for review.

USA and USA Health employee email addresses are listed publicly on the directory on the University of South Alabama website. While a public directory is necessary to facilitate legitimate communications, it also can expose employees to unsolicited or unwanted malicious emails.

These are a few types of phishing attacks:

  • Spear phishing: A highly targeted form of phishing that focuses on a specific group of individuals (such as payroll personnel, researchers, medical providers) or organizations (such as healthcare organizations, legal representatives).
  • Whaling: A form of phishing aimed at administrative or executive level individuals.
  • Cloning: A legitimate email is duplicated, but the content is replaced with malicious links or attachments.

Here are some phishing-related statistics:

  • It is estimated that 95 percent of targeted attacks against specific organizations began with a targeted spear-phishing email. This means that today, criminals depend on human flaws as much or more than system flaws.
  • Frontline staff is targeted two times more than middle management and 1.3 times more than executives. Staff also is thought to be two times more likely to interact with a phishing email.
  • An estimated 80 percent of tested business users fail to detect at least one of seven phishing emails. It takes one click on a malicious link to cause reputational and/or financial harm to an organization.

View an example of a phishing email.

Recent News

In the News: June 24
In the News: June 24

USA Health clinicians are experts in their fields, making them trusted sources on a variety of healthcare-related news topics.

Posted 14 hours agoRead Story >
Specials for You: June 2025

This month's specials for employees include discounts on treatments and savings on skin care procedures and products. Please be sure to bring your employee badge to receive the discount.

Posted 22 hours agoRead Story >
Back to Insider
This link will open in a new tab or window.