Session ID: 

"Don't be Phooled!" What You Need to Know About Phishing

1:30pm - 2:30pm Tuesday, February 12
Orlando - Orange County Convention Center


Phishing represents a significant threat to individuals, businesses, healthcare organizations and government entities. The weakest link in any security program is the people. The size or sophistication of the organization does not matter—and healthcare is no exception. Phishing is a pervasive problem which can no longer be ignored without adverse consequences. Phishing techniques have become quite sophisticated from the human and technical perspectives. The impact and consequences of a successful phishing attempt can also be significant. The phishing message may seem very convincing and authentic—especially when coming from a trusted vendor, a colleague, or a friend. This session will discuss the latest phishing techniques, anatomy of a phishing attack, sample phishing messages and how to mitigate the threat. This is based upon the research findings of the DHS Analytic Exchange Program's "Don't Be Phooled" white paper.

Learning Objectives: 

  • Explain the psychology of phishing attacks from the attackers' and victims' perspectives
  • Illustrate the anatomy of a phishing attack from the attacker's perspective, including the tools and tactics that are used
  • Discuss new phishing attacks and how spear-phishing has evolved with artificial intelligence and good old fashioned reconnaissance
  • Recognize advanced targeted phishing attacks such as spear-phishing
  • Discuss mitigation techniques to mitigate the phishing threat


Director, Privacy and Security,
HIMSS North America


IT Professional