Settings
Language
Color Theme
Cybersecurity for medical professionals
Cybersecurity in healthcare protects patient information, clinical systems, and the continuity of care. In fast-paced environments, attackers disguise scams as routine clinical tasks to trigger quick actions.
Why medical professionals are targeted
Medical teams combine sensitive patient data with time-critical workflows. If an account or system is compromised, impacts can include privacy breaches, unsafe decisions, and disrupted services.
Which of the following BEST explains why medical professionals are targeted?
Loading...
View Options Again
Medical teams work with sensitive patient information and rely on critical systems
Only IT departments are targeted in hospitals
Patient data is not valuable to cybercriminals
Medical teams rarely use digital systems
Where cyber risk often starts
Many attacks on medical professionals begin as routine admin. A system notification, a results message, or a “quick confirmation” request that looks normal in a busy environment.
Urgency does not prove legitimacy
Clinical urgency is real, but it can also be imitated. Messages that push for an immediate action, especially involving the use of third-party websites or attachments should be handled with extra care.
Is the following statement True or False:
You receive an unexpected email from an unknown Gmail address saying a patient’s results need urgent review. Is it safe to click the link?
Loading...
View Options Again
True
False
Clinical judgment includes digital judgment
Medical professionals need to verify information before acting. Apply the same mindset online. If a request is unexpected, out of sequence, or unusually urgent, take a moment to confirm its authenticity before proceeding.
Shared devices and busy environments increase exposure
Clinics and hospitals often have shared workstations and fast handovers between shifts. Small lapses like leaving a screen unlocked can allow someone to assume your digital identity and perform malicious activities.
Is the following statement True or False:
Locking your screen when stepping away protects patient information, even if you are only gone briefly.
Loading...
View Options Again
True
False
Requests that bypass normal processes are high risk
Cybercriminals try to pull staff outside normal processes. They may ask you to click a link instead of searching in an internal system, move to texting, or keep a request “confidential” to avoid oversight.
A text message from an unknown sender asks you to fix a clinical issue by clicking a link and keeping it confidential. What should you do?
Loading...
View Options Again
Ignore it unless they follow up
Follow documented processes to verify the request and confirm before acting
Follow the instructions to keep services running
Share your login so a coworker can help quickly
Social engineering beyond email
Medical professionals are targeted through channels where pressure and trust can be created quickly, including phone calls, texts, and impersonation of other healthcare staff.
An unknown number calls your personal phone claiming to be from pathology, and asks you to confirm a patients details. What should you do?
Loading...
View Options Again
Stay on the line and follow instructions to save time
Ask them to send a link to verify your account
End the call and contact the pathology team using a known number
Provide the details so systems do not go down
Protecting patient trust
When healthcare access is compromised, the impact is not only technical. It can affect privacy, continuity of care, and patient confidence in the service.
Is the following statement True or False:
A cybersecurity incident in healthcare can impact patient care and trust, not just data.
Loading...
View Options Again
True
False
Wrapping up
Cybersecurity is not about slowing care. It keeps systems secure and protects sensitive patient information. If a message or request is unexpected, out of sequence, or unnecessarily urgent, pause and confirm it through official channels before taking action.
Back
Next
Translation Correction
×
Select a translation to correct...
Begin the Guided Tour
[0, "Begin the Guided Tour", "Begin the Guided Tour"],
Look out for urgency in email subjects, fraudulent sender addresses or requests to perform an action.
[1, "Look out for urgency in email subjects, fraudulent sender addresses or requests to perform an action.", "Look out for urgency in email subjects, fraudulent sender addresses or requests to perform an action."],
Compose
[2, "Compose", "Compose"],
Folders
[3, "Folders", "Folders"],
Inbox
[4, "Inbox", "Inbox"],
Starred
[5, "Starred", "Starred"],
Draft
[6, "Draft", "Draft"],
Sent Mail
[7, "Sent Mail", "Sent Mail"],
Spam
[8, "Spam", "Spam"],
Trash
[9, "Trash", "Trash"],
[URGENT] Claim Your Work From Home Set-Up Payment
[10, "[URGENT] Claim Your Work From Home Set-Up Payment", "[URGENT] Claim Your Work From Home Set-Up Payment"],
Human Resources
[11, "Human Resources", "Human Resources"],
to
[12, "to", "to"],
Claim Your Work From Home Set-Up Payment
[13, "Claim Your Work From Home Set-Up Payment", "Claim Your Work From Home Set-Up Payment"],
Our company acknowledges that we are all working from home for a longer period and is offering a one-time payment to all employees of
[14, "Our company acknowledges that we are all working from home for a longer period and is offering a one-time payment to all employees of", "Our company acknowledges that we are all working from home for a longer period and is offering a one-time payment to all employees of"],
to ensure that you have a suitable home working set-up.
[15, "to ensure that you have a suitable home working set-up.", "to ensure that you have a suitable home working set-up."],
To receive the payment via payroll
[16, "To receive the payment via payroll", "To receive the payment via payroll"],
you will need to complete this
[17, "you will need to complete this", "you will need to complete this"],
acknowledgement form
[18, "acknowledgement form", "acknowledgement form"],
For more information on how to set up your home office space safely, please look at the
[19, "For more information on how to set up your home office space safely, please look at the", "For more information on how to set up your home office space safely, please look at the"],
Thank you
[20, "Thank you", "Thank you"],
The Human Resources Team
[21, "The Human Resources Team", "The Human Resources Team"],
This is an automatically generated email, please do not reply
[22, "This is an automatically generated email, please do not reply", "This is an automatically generated email, please do not reply"],
Is the following statement True or False
[23, "Is the following statement True or False", "Is the following statement True or False"],
View Options Again
[24, "View Options Again", "View Options Again"],
Email Subject: Urgent Action
[25, "Email Subject: Urgent Action", "Email Subject: Urgent Action"],
Phishing attacks are designed to put a
[26, "Phishing attacks are designed to put a", "Phishing attacks are designed to put a"],
time pressure on us to act fast
[27, "time pressure on us to act fast", "time pressure on us to act fast"],
This can cause us to skip much of the critical thinking we normally apply when browsing our emails
[28, "This can cause us to skip much of the critical thinking we normally apply when browsing our emails", "This can cause us to skip much of the critical thinking we normally apply when browsing our emails"],
Email Sender: Fradulent Address
[29, "Email Sender: Fradulent Address", "Email Sender: Fradulent Address"],
Email Sender: Fraudulent Address
[30, "Email Sender: Fraudulent Address", "Email Sender: Fraudulent Address"],
Attackers will often use
[31, "Attackers will often use", "Attackers will often use"],
obscure email addresses and use display names
[32, "obscure email addresses and use display names", "obscure email addresses and use display names"],
that appear legitimate to the naked eye. Be cautious and carefully inspect email sender information
[33, "that appear legitimate to the naked eye. Be cautious and carefully inspect email sender information", "that appear legitimate to the naked eye. Be cautious and carefully inspect email sender information"],
Email Content: Engaging Topic
[34, "Email Content: Engaging Topic", "Email Content: Engaging Topic"],
Attackers often use a
[35, "Attackers often use a", "Attackers often use a"],
broad but important topic
[36, "broad but important topic", "broad but important topic"],
to increase the likelihood of a victim interacting with the phishing material. These topics may include geographic, political or financial themes.
[37, "to increase the likelihood of a victim interacting with the phishing material. These topics may include geographic, political or financial themes.", "to increase the likelihood of a victim interacting with the phishing material. These topics may include geographic, political or financial themes."],
Email Link: Phishing Website
[38, "Email Link: Phishing Website", "Email Link: Phishing Website"],
hovering over the link
[39, "hovering over the link", "hovering over the link"],
you'll see the true link location. Often this is enough to see the malicious intent.
[40, "you'll see the true link location. Often this is enough to see the malicious intent.", "you'll see the true link location. Often this is enough to see the malicious intent."],
Wrapping up
[41, "Wrapping up", "Wrapping up"],
If you
[42, "If you", "If you"],
spot anything suspicious
[43, "spot anything suspicious", "spot anything suspicious"],
with the email sender, subject, content, links or attachments
[44, "with the email sender, subject, content, links or attachments", "with the email sender, subject, content, links or attachments"],
Don't take the risk. Report the email to your IT or Security team for review.
[45, "Don't take the risk. Report the email to your IT or Security team for review.", "Don't take the risk. Report the email to your IT or Security team for review."],
Submit
[46, "Submit", "Submit"],
Next
[47, "Next", "Next"],
Back
[48, "Back", "Back"],
Malicious links will often appear with innocent looking text. By
[49, "Malicious links will often appear with innocent looking text. By", "Malicious links will often appear with innocent looking text. By"],
Correct!
[50, "Correct!", "Correct!"],
Incorrect
[51, "Incorrect", "Incorrect"],
True
[52, "True", "True"],
False
[53, "False", "False"],
Change language
[54, "Change language", "Change language"],
Current Language
[55, "Current Language", "Current Language"],
Use Browser Settings
[56, "Use Browser Settings", "Use Browser Settings"],
Select a language
[57, "Select a language", "Select a language"],
Change Language
[58, "Change Language", "Change Language"],
Please select a language
[59, "Please select a language", "Please select a language"],
Language
[60, "Language", "Language"],
Color Theme
[61, "Color Theme", "Color Theme"],
Color Theme And Background Selector
[62, "Color Theme And Background Selector", "Color Theme And Background Selector"],
Colorful Theme
[63, "Colorful Theme", "Colorful Theme"],
Select Theme
[64, "Select Theme", "Select Theme"],
Close
[65, "Close", "Close"],
Dark Theme
[66, "Dark Theme", "Dark Theme"],
Green Theme
[67, "Green Theme", "Green Theme"],
Purple Theme
[68, "Purple Theme", "Purple Theme"],
Light Theme
[69, "Light Theme", "Light Theme"],
Blue Theme
[70, "Blue Theme", "Blue Theme"],
Settings
[71, "Settings", "Settings"],
Theme Selected
[72, "Theme Selected", "Theme Selected"],
This training has been translated from English. If there is an inaccuracy, please report the correct translation by clicking here!
[73, "This training has been translated from English. If there is an inaccuracy, please report the correct translation by clicking here!", "This training has been translated from English. If there is an inaccuracy, please report the correct translation by clicking here!"],
Translation Correction
[74, "Translation Correction", "Translation Correction"],
Select a translation to correct...
[75, "Select a translation to correct...", "Select a translation to correct..."],
Original Text
[76, "Original Text", "Original Text"],
Correct Translation
[77, "Correct Translation", "Correct Translation"],
Translation to correct...
[78, "Translation to correct...", "Translation to correct..."],
Submissions are reviewed and applied within 48 hours.
[79, "Submissions are reviewed and applied within 48 hours.", "Submissions are reviewed and applied within 48 hours."],
Submit Correction
[80, "Submit Correction", "Submit Correction"],
Submission Successfully Sent
[81, "Submission Successfully Sent", "Submission Successfully Sent"],
Submission Error - Please Try Again
[82, "Submission Error - Please Try Again", "Submission Error - Please Try Again"],
Submission Sending...
[83, "Submission Sending...", "Submission Sending..."],
Mandatory Viewing
[84, "Mandatory Viewing", "Mandatory Viewing"],
Please watch the video from beginning to end before proceeding.
[85, "Please watch the video from beginning to end before proceeding.", "Please watch the video from beginning to end before proceeding."],
Ok
[86, "Ok", "Ok"],
Note: The Colorful, Blue, Light, and Dark Themes are all WCAG 2.2 Level AA conformant.
[87, "Note: The Colorful, Blue, Light, and Dark Themes are all WCAG 2.2 Level AA conformant.", "Note: The Colorful, Blue, Light, and Dark Themes are all WCAG 2.2 Level AA conformant."],
Language translation for this training module has been disabled and explicitly set to the following language
[88, "Language translation for this training module has been disabled and explicitly set to the following language", "Language translation for this training module has been disabled and explicitly set to the following language"],
I acknowledge
[89, "I acknowledge", "I acknowledge"],
Thank you for providing an acknowledgement
[90, "Thank you for providing an acknowledgement", "Thank you for providing an acknowledgement"],
Cybersecurity-For-Medical
[91, "Cybersecurity-For-Medical", "Cybersecurity-For-Medical"],
Cybersecurity for medical professionals
[92, "Cybersecurity for medical professionals", "Cybersecurity for medical professionals"],
Cybersecurity in healthcare protects patient information, clinical systems, and the continuity of care. In fast-paced environments, attackers disguise scams as routine clinical tasks to trigger quick actions.
[93, "Cybersecurity in healthcare protects patient information, clinical systems, and the continuity of care. In fast-paced environments, attackers disguise scams as routine clinical tasks to trigger quick actions.", "Cybersecurity in healthcare protects patient information, clinical systems, and the continuity of care. In fast-paced environments, attackers disguise scams as routine clinical tasks to trigger quick actions."],
Why medical professionals are targeted
[94, "Why medical professionals are targeted", "Why medical professionals are targeted"],
Medical teams combine sensitive patient data with time-critical workflows. If an account or system is compromised, impacts can include privacy breaches, unsafe decisions, and disrupted services.
[95, "Medical teams combine sensitive patient data with time-critical workflows. If an account or system is compromised, impacts can include privacy breaches, unsafe decisions, and disrupted services.", "Medical teams combine sensitive patient data with time-critical workflows. If an account or system is compromised, impacts can include privacy breaches, unsafe decisions, and disrupted services."],
Which of the following BEST explains why medical professionals are targeted?
[96, "Which of the following BEST explains why medical professionals are targeted? ", "Which of the following BEST explains why medical professionals are targeted? "],
Medical teams work with sensitive patient information and rely on critical systems
[97, "Medical teams work with sensitive patient information and rely on critical systems", "Medical teams work with sensitive patient information and rely on critical systems"],
Medical teams rarely use digital systems
[98, "Medical teams rarely use digital systems", "Medical teams rarely use digital systems"],
Patient data is not valuable to cybercriminals
[99, "Patient data is not valuable to cybercriminals", "Patient data is not valuable to cybercriminals"],
Only IT departments are targeted in hospitals
[100, "Only IT departments are targeted in hospitals", "Only IT departments are targeted in hospitals"],
Medical teams have access to sensitive patient data.
[101, "Medical teams have access to sensitive patient data.", "Medical teams have access to sensitive patient data."],
Where cyber risk often starts
[102, "Where cyber risk often starts ", "Where cyber risk often starts "],
Many attacks on medical professionals begin as routine admin. A system notification, a results message, or a “quick confirmation” request that looks normal in a busy environment.
[103, "Many attacks on medical professionals begin as routine admin. A system notification, a results message, or a “quick confirmation” request that looks normal in a busy environment.", "Many attacks on medical professionals begin as routine admin. A system notification, a results message, or a “quick confirmation” request that looks normal in a busy environment."],
Urgency does not prove legitimacy
[104, "Urgency does not prove legitimacy", "Urgency does not prove legitimacy"],
Clinical urgency is real, but it can also be imitated. Messages that push for an immediate action, especially involving the use of third-party websites or attachments should be handled with extra care.
[105, "Clinical urgency is real, but it can also be imitated. Messages that push for an immediate action, especially involving the use of third-party websites or attachments should be handled with extra care.", "Clinical urgency is real, but it can also be imitated. Messages that push for an immediate action, especially involving the use of third-party websites or attachments should be handled with extra care."],
You receive an unexpected email from an unknown Gmail address saying a patient’s results need urgent review. Is it safe to click the link?
[106, "You receive an unexpected email from an unknown Gmail address saying a patient’s results need urgent review. Is it safe to click the link?", "You receive an unexpected email from an unknown Gmail address saying a patient’s results need urgent review. Is it safe to click the link?"],
Cybercriminals use patient-impact framing to rush decisions. Always verify that the sender of a message is legitimate before clicking on unexpected links or downloading attachments.
[107, "Cybercriminals use patient-impact framing to rush decisions. Always verify that the sender of a message is legitimate before clicking on unexpected links or downloading attachments.", "Cybercriminals use patient-impact framing to rush decisions. Always verify that the sender of a message is legitimate before clicking on unexpected links or downloading attachments."],
Clinical judgment includes digital judgment
[108, "Clinical judgment includes digital judgment", "Clinical judgment includes digital judgment"],
Medical professionals need to verify information before acting. Apply the same mindset online. If a request is unexpected, out of sequence, or unusually urgent, take a moment to confirm its authenticity before proceeding.
[109, "Medical professionals need to verify information before acting. Apply the same mindset online. If a request is unexpected, out of sequence, or unusually urgent, take a moment to confirm its authenticity before proceeding.", "Medical professionals need to verify information before acting. Apply the same mindset online. If a request is unexpected, out of sequence, or unusually urgent, take a moment to confirm its authenticity before proceeding."],
Shared devices and busy environments increase exposure
[110, "Shared devices and busy environments increase exposure", "Shared devices and busy environments increase exposure"],
Clinics and hospitals often have shared workstations and fast handovers between shifts. Small lapses like leaving a screen unlocked can allow someone to assume your digital identity and perform malicious activities.
[111, "Clinics and hospitals often have shared workstations and fast handovers between shifts. Small lapses like leaving a screen unlocked can allow someone to assume your digital identity and perform malicious activities.", "Clinics and hospitals often have shared workstations and fast handovers between shifts. Small lapses like leaving a screen unlocked can allow someone to assume your digital identity and perform malicious activities."],
Locking your screen when stepping away protects patient information, even if you are only gone briefly.
[112, "Locking your screen when stepping away protects patient information, even if you are only gone briefly.", "Locking your screen when stepping away protects patient information, even if you are only gone briefly."],
Shared environments increase risk. Locking screens reduces unauthorized access and protects clinical systems.
[113, "Shared environments increase risk. Locking screens reduces unauthorized access and protects clinical systems. ", "Shared environments increase risk. Locking screens reduces unauthorized access and protects clinical systems. "],
Requests that bypass normal processes are high risk
[114, "Requests that bypass normal processes are high risk ", "Requests that bypass normal processes are high risk "],
Cybercriminals try to pull staff outside normal processes. They may ask you to click a link instead of searching in an internal system, move to texting, or keep a request “confidential” to avoid oversight.
[115, "Cybercriminals try to pull staff outside normal processes. They may ask you to click a link instead of searching in an internal system, move to texting, or keep a request “confidential” to avoid oversight.", "Cybercriminals try to pull staff outside normal processes. They may ask you to click a link instead of searching in an internal system, move to texting, or keep a request “confidential” to avoid oversight."],
A text message from an unknown sender asks you to fix a clinical issue by clicking a link and keeping it confidential. What should you do?
[116, "A text message from an unknown sender asks you to fix a clinical issue by clicking a link and keeping it confidential. What should you do?", "A text message from an unknown sender asks you to fix a clinical issue by clicking a link and keeping it confidential. What should you do?"],
Follow the instructions to keep services running
[117, "Follow the instructions to keep services running", "Follow the instructions to keep services running"],
Follow documented processes to verify the request and confirm before acting
[118, "Follow documented processes to verify the request and confirm before acting", "Follow documented processes to verify the request and confirm before acting"],
Share your login so a coworker can help quickly
[119, "Share your login so a coworker can help quickly", "Share your login so a coworker can help quickly"],
Ignore it unless they follow up
[120, "Ignore it unless they follow up", "Ignore it unless they follow up"],
Requests that bypass formal communication channels are a common scam signal. Always verify the request before performing the requested action.
[121, "Requests that bypass formal communication channels are a common scam signal. Always verify the request before performing the requested action.", "Requests that bypass formal communication channels are a common scam signal. Always verify the request before performing the requested action."],
Social engineering beyond email
[122, "Social engineering beyond email", "Social engineering beyond email"],
Medical professionals are targeted through channels where pressure and trust can be created quickly, including phone calls, texts, and impersonation of other healthcare staff.
[123, "Medical professionals are targeted through channels where pressure and trust can be created quickly, including phone calls, texts, and impersonation of other healthcare staff.", "Medical professionals are targeted through channels where pressure and trust can be created quickly, including phone calls, texts, and impersonation of other healthcare staff."],
An unknown number calls your personal phone claiming to be from pathology, and asks you to confirm a patients details. What should you do?
[124, "An unknown number calls your personal phone claiming to be from pathology, and asks you to confirm a patients details. What should you do?", "An unknown number calls your personal phone claiming to be from pathology, and asks you to confirm a patients details. What should you do?"],
Provide the details so systems do not go down
[125, "Provide the details so systems do not go down", "Provide the details so systems do not go down"],
Ask them to send a link to verify your account
[126, "Ask them to send a link to verify your account", "Ask them to send a link to verify your account"],
End the call and contact the pathology team using a known number
[127, "End the call and contact the pathology team using a known number", "End the call and contact the pathology team using a known number"],
Stay on the line and follow instructions to save time
[128, "Stay on the line and follow instructions to save time", "Stay on the line and follow instructions to save time"],
Impersonation works by controlling the interaction. Calling back through a trusted number breaks the scam.
[129, "Impersonation works by controlling the interaction. Calling back through a trusted number breaks the scam. ", "Impersonation works by controlling the interaction. Calling back through a trusted number breaks the scam. "],
Protecting patient trust
[130, "Protecting patient trust ", "Protecting patient trust "],
When healthcare access is compromised, the impact is not only technical. It can affect privacy, continuity of care, and patient confidence in the service.
[131, "When healthcare access is compromised, the impact is not only technical. It can affect privacy, continuity of care, and patient confidence in the service. ", "When healthcare access is compromised, the impact is not only technical. It can affect privacy, continuity of care, and patient confidence in the service. "],
A cybersecurity incident in healthcare can impact patient care and trust, not just data.
[132, "A cybersecurity incident in healthcare can impact patient care and trust, not just data.", "A cybersecurity incident in healthcare can impact patient care and trust, not just data."],
Compromised access can expose sensitive patient information and damage confidence in healthcare.
[133, "Compromised access can expose sensitive patient information and damage confidence in healthcare. ", "Compromised access can expose sensitive patient information and damage confidence in healthcare. "],
Wrapping up
[134, "Wrapping up ", "Wrapping up "],
Cybersecurity is not about slowing care. It keeps systems secure and protects sensitive patient information. If a message or request is unexpected, out of sequence, or unnecessarily urgent, pause and confirm it through official channels before taking action.
[135, "Cybersecurity is not about slowing care. It keeps systems secure and protects sensitive patient information. If a message or request is unexpected, out of sequence, or unnecessarily urgent, pause and confirm it through official channels before taking action.", "Cybersecurity is not about slowing care. It keeps systems secure and protects sensitive patient information. If a message or request is unexpected, out of sequence, or unnecessarily urgent, pause and confirm it through official channels before taking action."],
[136, "", ""],
Original Text (English)
Correct Translation (English)
Submissions are reviewed and applied within 48 hours.
Color Theme And Background Selector
×
Colorful Theme
Select Theme
Blue Theme
Select Theme
Light Theme
Select Theme
Purple Theme
Select Theme
Green Theme
Select Theme
Dark Theme
Select Theme
Note: The Colorful, Blue, Light, and Dark Themes are all WCAG 2.2 Level AA conformant.
