Hackers are using a monkeypox-themed phishing campaign to target healthcare organizations, the HHS warned Sept. 19.
Four things to know about the phishing scheme:
- The campaign has a subject of "Data from (Victim Organization Abbreviation): "Important read about -Monkey Pox– (Victim Organization) (Reference Number)" and utilizes an "Important read about monkeypox" theme.
- Inside of the email is a PDF with a link that takes recipients to a Lark Docs site.
- The site contains a monkeypox PDF download. Once recipients interact with the download link, it attempts to hijack credentials.
- The alert recommends organizations implement certain protective actions such as avoiding opening attachments, creating unique passwords and to not install any programs outside of your organization.