Skip Navigation

Masks Strongly Recommended but Not Required in Maryland, Starting Immediately

Due to the downward trend in respiratory viruses in Maryland, masking is no longer required but remains strongly recommended in Johns Hopkins Medicine clinical locations in Maryland. Read more.

News & Publications

Don’t Get Baited By Phishing Scams

02/16/2017
An american university was recently fined $650,000 by the Office for Civil Rights, the HIPAA enforcement agency, because a workstation was infected with malware, resulting in the breach of 1,670 patients’ information.
 
Malware can infect computers and personal devices through phishing, or the fraudulent use of emails that entices users to provide confidential information or click on links that appear familiar and safe. According to the Johns Hopkins Privacy Office, Johns Hopkins’ email users are frequently targeted for phishing
attacks, so faculty members, staff members and students need to be on guard to ensure that our electronic systems remain secure. Read through a few tips to help keep your information and our patients’ information safe.
 
1. Don’t click on links from unfamiliar email addresses. Phishing emails can come from JHED users whose system has been compromised. If you receive a suspicious email, send it to [email protected]. Do not forward the email to your co-workers or colleagues.
 
2. Know your websites. Clever hackers can create phony messages, such as “verify your account” or “log in,” or websites that have a familiar look and feel that encourage you to provide credentials and/or click on links that install malware. Never provide credentials or personal information in response to an inquiry you receive by email.
 
3. Use common sense. Read emails in their entirety. If you see multiple misspellings, phony or suspicious-looking URLs or email addresses, or any promise of riches and inheritance, it is likely a scam. Do not click on any links, and instead forward the email to [email protected] the next several weeks and months, IT@Johns Hopkins will be conducting anti-phishing awareness campaigns that may involve sending nonharmful, phishing-style messages. Individuals who open links or send credentials to fake sites as part of a Johns Hopkins test will receive phishing awareness information in return. This technique of real-time awareness has proven effective at other institutions and will assist in an analysis of Johns Hopkins users’ practices.