Medical Professional Publications

Targeting Individuals is What’s New in Cybercrime

(From the April 2016 Issue of MedStat)

Recently, an HR employee of a well-known tech company received a request that fraudulently appeared to be from their Chief Financial Officer. The request asked for all employee W-2 information. The employee fulfilled the request and sent 10,000 employees’ W-2s to a hacker who would use the information to file fraudulent tax returns. Nationwide Children’s has also received these types of messages, but luckily have not responded.

What do cybercriminals want?

  • They want you to send data.
  • They want you to open an attachment or click a link. They will then use your access to run malicious software so they can control systems or information.
  • They want your user ID or password so they can overtake your email and send messages on your behalf.

What should you do?

  • Don’t trust unsolicited links and attachments. If you weren’t expecting an invoice or receipt for purchase, don’t open the attachment or click the link. Validate the information using external sources.
  • Trust your gut. If the CEO suddenly is emailing you and asking for data, validate the request.
  • Protect your user password like it was the key to your bank account.
  • Don’t assume because you are the only recipient of an email in your area and the messages “sound good” that it is OK. You may be the target.
  • Messages coming from “Information Services” will have a footer. If it doesn’t, don’t trust it.

Need more information? Call the Nationwide Children’s IS Support Center at (614) 355-3750 or email

myChildren’s mobile app

iPhone and Android.

Download Today! »

Nationwide Children's Hospital
700 Children's Drive Columbus, Ohio 43205 614.722.2000