Cybersecurity Awareness Month and Recent Phishing Attempts

This October, National Cyber Security Awareness Month is commemorating its 15th year as an annual initiative to bring awareness to organizations about the importance of cybersecurity.  It is a collaborative effort between government and industry to ensure safe resources and online security in our nation. 

Here at CHOP, Information Security is a shared responsibility of the entire workforce.  We aim to follow and encourage STAR Safety Behaviors for Error Prevention:  STOP, THINK, ACT, REVIEW.

To mark this event, Information Services will be holding internal activities such as weekly security quizzes and prizes, weekly cyber security facts, a Health Information Technology (HIT) Week Showcase table (Thursday, October 11; Stokes Rotunda; 9 – 11:30 a.m.), and road shows to interested teams and departments across CHOP.  Be on the lookout for updates in “This Week at CHOP” and Information Security@CHOP.

As we kick off Cybersecurity Awareness Month, it is the perfect time to notify our employees of recent high volumes of phishing attempts.  It is critical that our users pay close attention to the emails they are receiving and confirm they are in fact, legitimate.  Our enterprise relies heavily on email as a major communication vehicle for our day-to-day operations.  Of course, this makes us the perfect target for phishing attacks.  As a result, we must continue to follow the very best practices that can help protect CHOP against such malicious scams.

Before sending responses, clicking on links, or opening attachments, be sure to look for the following:

  • Generic greetings such as “Hello John Smith”
  • Requests for any personal information
  • Requests for urgent responses
  • Spoofed links (hover over link to verify authenticity but never click)

Though our Technology Services and Security Operations departments are closely monitoring these situations, all of our users must continue to practice with a questioning attitude. If you are unsure about an email that you receive, or suspect a deceptive message, please contact the Service Desk (ext. 4-HELP) without any hesitation.  The faster our users report suspicious activity, the faster our IS teams can deal with it.

If you are interested in a Cybersecurity Awareness presentation for your group, or if you have any questions, please contact Information Security.

Thank you for your cooperation in continuing to safeguard CHOP, our patients and families, and the sensitive information we are responsible for maintaining.  Your attention to detail and action is key in identifying these attacks.

Monique St. John
Chief Technology and Security Officer