UAB Medicine, like shooting phish in a barrel
Want to get info on almost 20,000 patients? Just send email "…to employees [pretending] to be an executive asking them to fill out a survey." As part of the survey, ask for their username and password. Think people are smart enough to see through this? Think again. According to bleeping computer.com (read the story here), "some" fell for it. The UAB CISO Rob Ferrill hasn't even created either a DMARC or an SPF record. My my my.
Mad Max
CISO Career Advisor
#robferrill #uabmedicine #dmarc #databreach #phishing
Comments
Post a Comment
Leave your comment. The moderator will turn down no well-thought-out observations. We WILL turn down product plugs that are off target.