chat
expand_more

Healthcare Organizations Experience 279% Increase in Business Email Compromise in 2023

Email attacks like BEC against the healthcare industry are on the rise in 2023. Protect yourself with sophisticated cloud-native email security.
September 26, 2023

Healthcare is a laudable industry—helping alleviate patient suffering, improving health outcomes, and keeping a highly complex, interconnected system running. But cybercriminals see things differently. They recognize that healthcare organizations house valuable data and abhor slow-downs in their operations. This makes them prime targets for attacks, especially socially-engineered attacks like business email compromise, known as BEC.

According to Abnormal data, the healthcare industry is experiencing a 167% increase in advanced email attacks in 2023, which includes BEC, credential phishing, malware, and extortion. While the year isn’t over yet, this signals the need for more sophisticated security to protect patients, employees, and the organizations themselves.

Healthcare1

The median number of advanced email attacks rose in early 2023 for the healthcare industry, starting the year with an average of 55.66 attacks per 1,000 mailboxes in January and peaking in March at over 100 attacks per 1,000 mailboxes. Numbers dropped to more consistent levels of nearly 61.16 attacks through the rest of the year. But if last year is any indication, these numbers are going to continue to rise until the holiday season, when cybercriminals will take a short break before starting their work again in the new year.

Social Engineering Attacks Increase by 279% for Healthcare

Throughout a typical year, cyberattacks ebb and flow. It’s entirely possible that the number of sophisticated attacks will dip over the 2023 winter holiday season, but even so, the overall number of sophisticated BEC attacks is significantly outpacing 2022.

Text-based BEC attacks do not have the volume of credential phishing or malware—accounting for less than one attack per 1,000 mailboxes—but they are on the rise. Last August, the healthcare industry received a median of .54 BEC attacks each week, but that number jumped 54% to .83 attacks a year later. And when looking at data only from January-August, the number of attacks increased significantly, with an average of only .22 attacks last year to .84 attacks this year—an increase of 279%.

Healthcare2

While the volume of BEC is minimal relative to other email attacks, it remains the most dangerous attack type because it often leads to direct financial losses at an average of $125,000 per attack, according to the latest research from the FBI. Identifying and stopping BEC is increasingly important, but made difficult by the fact that these attacks are often text-based, sent from legitimate domains, and lack traditional indicators of compromise like a suspicious link or malicious attachment. In many cases, they are simply looking for information that can then be used for another attack, like in this recent example stopped by Abnormal.

We’ve seen an increased number of requests for aging reports, and healthcare is no exception. In this email, the attacker is impersonating the President and CEO of a healthcare network with more than 200 locations throughout the United States. The email requests that the recipient send a copy of all updated aging statements for customers, including the email addresses for the corresponding account payables department.

Healthcare3

While this email may look innocuous at first glance, it can lead to disastrous consequences. If the recipient were to respond with this information, the attacker would then have legitimate contact and invoice information for all customers of the health network, which would enable them to create realistic emails requesting that the outstanding payments be diverted into the account owned by the attacker. Given how large this health network is and how many patients they see each day, a successful attack like this could result in millions of dollars lost before the network realizes that there is an error in the payments their customers are sending.

Defending Healthcare Organizations Against Sophisticated Email-Based Attacks

If 2022 is any indication, the healthcare industry should be prepared for an additional influx of attacks in the latter half of this year. Fortunately, there are solutions available to prevent these attacks from reaching doctors, nurses, and healthcare staff. By embracing sophisticated cloud email security, healthcare organizations can dramatically improve their cybersecurity practices.

Abnormal Security leverages artificial intelligence and machine learning to create a baseline of good behaviors. By understanding what’s normal, Abnormal can detect anomalous activity and block business email compromise, invoice and payment fraud, malware, and other email-based threats before they reach your employees.

See other trends impacting healthcare in the latest email threat report; Applications Abound: Average Organization Now Integrates 379 Third-Party Applications with Email.

Schedule a Demo
Healthcare Organizations Experience 279% Increase in Business Email Compromise in 2023

See Abnormal in Action

Get a Demo

Get the Latest Email Security Insights

Subscribe to our newsletter to receive updates on the latest attacks and new trends in the email threat landscape.

Get AI Protection for Your Human Interactions

Protect your organization from socially-engineered email attacks that target human behavior.
Request a Demo
Request a Demo

Related Posts

B Proofpoint Customer Story Blog 8
A Fortune 500 transportation and logistics leader blocked more than 6,700 attacks missed by Proofpoint and reclaimed 350 SOC hours per month by adding Abnormal to its security stack.
Read More
B Gartner MQ 2024 Announcement Blog
Abnormal Security was named a Leader in the 2024 Gartner Magic Quadrant for Email Security Platforms and positioned furthest for Completeness of Vision.
Read More
B Gift Card Scams Tricker to Spot Blog
Learn why gift card scams are becoming more difficult to identify, how cybercriminals evolve their tactics, and strategies to protect your organization.
Read More
B Offensive AI 12 16 24
Learn how AI is used in cybersecurity, what defensive AI vs. offensive AI means, and how to use defensive AI to combat offensive AI.
Read More
B Proofpoint Customer Story Blog 7
See how Abnormal's AI helped a Fortune 500 insurance provider detect 27,847 threats missed by Proofpoint and save 6,600+ hours in employee productivity.
Read More
B Cyberattack Forecast Emerging Threats Blog
Uncover the latest email threats and strategies to strengthen your cybersecurity and prepare for 2025.
Read More