The FBI warned today of specific COVID-19-themed email phishing campaigns targeting U.S.-based medical providers.

The campaigns leverage email subject lines and content related to COVID-19 to distribute malicious attachments, which exploit Microsoft Word document files, 7-Zip compressed files, Microsoft Visual Basic Script, Java, and Microsoft Executables. The FBI alert contains specific indicators of compromise and malware hash signatures, which providers can use to identify and mitigate these threats.

The FBI requests, and AHA strongly encourages, organizations targeted by a phishing campaign to contact their local FBI Cyber Task Force with a copy of the email, the full email header and any attachments. Organizations should not open the attachment unless they are able to examine it in a controlled and safe manner. If an organization is a victim of a cyber-intrusion, they should retain any logs, images of infected devices, and memory capture of all affected equipment, if possible, to assist in the response by the FBI.

For assistance in contacting the FBI or questions on this or other cyber and risk issues, contact John Riggi, AHA senior advisor for cybersecurity and risk, at jriggi@aha.org.

Related News Articles

Headline
The Centers for Medicare & Medicaid Services this week released updated fact sheets for hospitals and other types of Medicare and Medicaid providers…
Perspective
Cyberattacks are increasing globally and in the U.S., with health care organizations, especially hospitals and health systems, being prime targets. A recent…
Headline
Health care providers who received Provider Relief Fund and/or American Rescue Plan Rural payments exceeding $10,000 total between July 1 and Dec. 31, 2021,…
Headline
The House last night voted 220-210 to pass legislation (H.R.382) that would immediately terminate the COVID-19 public health emergency, and 227-203 to pass…
Headline
As the Congressional Telehealth Caucus considers updates to legislation that would permanently remove all geographic restrictions on Medicare telehealth…
Headline
The Biden Administration plans to end on May 11 the COVID-19 national and public health emergencies declared in 2020, according to a policy statement …