Asante News, HealthStream caught in phishing exercises
On June 9, employees received one of two emails that appeared to be from trusted sources — Asante News and HealthStream — only to learn that when they followed the emails’ instructions they were phished.
The exercise was part of a routine security check performed by Asante ITS. More than 7,800 employees received the phishing emails. More than 1,250 opened the email and 883 clicked on the links. Significantly, 650 employees entered their credentials. In a real phishing attack, this would have left the door wide open to malicious actors.
Alert users may have noticed the clues. In the Asante News email:
- The “from” field used a made-up email address. No internal newsletters are sent from “corp-internal.com.” Instead, the sender’s field will include the asante.org domain.
- The email contained a yellow highlighted warning indicating it came from outside our system. Our employee newsletter does not have a warning.
- It features an old banner.
- The newsletter is dated 2020.
In the HealthStream email:
1. The sender is wrong. The real email address is hs*******@he**********.com.
2. The email contains links. HealthStream education alerts will never include links, but instead will direct you to log in through ALEC.
3. The copyright is from 2019.
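For mail administrators, several of the clues above can also be checked automatically. The following Python is an added example, not Asante ITS code: the banner wording, the sample message with its 2022 send date, and the names `triage`, `INTERNAL_NAMES` and `EXTERNAL_BANNER` are assumptions made for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr, parsedate_to_datetime

INTERNAL_DOMAIN = "asante.org"               # domain named in the article
INTERNAL_NAMES = ("asante news",)            # display names only internal mail should carry
EXTERNAL_BANNER = "originated from outside"  # assumed wording of the external-mail warning

# Constructed sample message (plain text, single part); not a real email.
SAMPLE = """\
From: Asante News <news@corp-internal.com>
To: employee@asante.org
Date: Thu, 09 Jun 2022 08:00:00 -0700
Subject: Asante News

CAUTION: This email originated from outside the organization.
Asante News - June 2020
Sign in to read this week's stories.
"""

def triage(raw):
    """Return the list of clues found in a plain-text RFC 5322 message."""
    msg = message_from_string(raw)
    findings = []
    name, addr = parseaddr(msg.get("From", ""))
    domain = addr.rpartition("@")[2].lower()
    # Exact match or true subdomain only, so "asante.org.example.net" stays external.
    internal = domain == INTERNAL_DOMAIN or domain.endswith("." + INTERNAL_DOMAIN)
    claims_internal = name.strip().lower() in INTERNAL_NAMES
    body = msg.get_payload()
    if claims_internal and not internal:
        findings.append("display-name-mismatch")
    if claims_internal and EXTERNAL_BANNER in body.lower():
        findings.append("external-banner-on-internal-sender")
    # Every year printed in the body predates the send date: old banner or copyright.
    years = [int(y) for y in re.findall(r"\b(20\d{2})\b", body)]
    if msg["Date"] and years:
        if max(years) < parsedate_to_datetime(msg["Date"]).year:
            findings.append("stale-date")
    return findings

if __name__ == "__main__":
    print(triage(SAMPLE))
```
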
If you have a question, please contact the author or relevant department directly.