The practice of spam began innocently enough in 1978 (yes, really), when Gary Thuerk, a marketing associate at Digital Equipment Corporation sent a promotional mass-email to 400 recipients touting the arrival of the company’s new T-series of VAX systems. The reaction was swift, fierce, and familiar: unadulterated annoyance.

Today, the practice of spam continues in full force. A recent report shows that spam accounted for 53.5 percent of all worldwide email traffic. Unfortunately, over the past 40+ years, modern spam has evolved from mere nuisance to sophisticated criminal activity. Hackers on a global scale are looking beyond chain letters and pyramid schemes, instead sending sophisticated cyber attacks that can circumvent network security with just a single user click.

One of the biggest industries hit by spam cyber attacks and data breaches? Healthcare.

As the second largest segment in the country’s economy, U.S. healthcare endures twice as many cyber attacks and data breaches as other verticals, prompting healthcare organizations across the country to up cybersecurity spending and pay careful attention to their networks to ensure they provide a secure email environment that protects both user and patient data.

What Are the Most Prominent Healthcare Spam Threats?


Phishing emails have become the preferred mode of cyber attack for worldwide healthcare hackers. Phishing scams send unsolicited emails to users falsely claiming to be an established, often well known, and (most importantly) legitimate business enterprise in an effort to dupe users into divulging personal information. Often, the initial spam email offers a link that guides users to a fraudulent web page where they are asked to update sensitive data such as social security information, credit card details, login credentials, and bank account information.


Hackers often include malicious code imbedded somewhere in the actual email, taking the form of either attached documents such as PDF and Word Documents, or as links pointing to sites with malicious scripts designed to run silently in a user’s browser.  As soon as a user clicks on the designated link, the malware completely takes over, spreading itself throughout entire networks sometimes in mere seconds. Some malware can even join a user’s computer, granting the cybercriminal total control of the system to do with it as they see fit.  

Preventing Email Cyber Attacks in Healthcare

With spamming and email cyber attacks surging throughout the industry, healthcare administrators are paying close attention to prevention methods as a means to keep their network security integrity intact. Some of the best ways to remain vigilant in the war against spam include:

Strengthen Your Email Filters

If you’ve noticed that your healthcare organization is suddenly being plagued with spam, it may be time to up your email filters to better screen through unwanted communication. Word of caution: Resist the urge to crank your filters up to the highest setting, as there is definitely a fine line between increasing security and suddenly tossing everything in the “spam bin,” including emails from clients.

Consistent Personnel Training

Unfortunately, healthcare employees are often the weakest link when trying to maintain a secure email environment, simply because they don’t know when a problem even exists. One of the best ways for healthcare companies to prevent a spam cyber attack is to keep all staff members (both administrative and clinical) aware of the dangers of spam, as well as the very latest hacker trends to avoid. Consistent training can give the team the insight it needs to keep the system protected.

Comprehensive Email Security Solution

For healthcare organizations determined to minimize their risk of spamming, partnering with a third-party managed services security provider (MSSP) for a full-scale email security strategy delivers an ideal solution. A qualified MSSP will carefully evaluate your email network to develop a customized security strategy explicitly designed to block email-borne cyber attacks based on unique system vulnerabilities and keep the medical providers’ technology operating at maximum capacity.