Back to Email phishing

Email phishing

Equitas Health data breach exposes medical information of its members.


On May 15, 2019, nonprofit healthcare center Equitas Health disclosed that a breach occurred in its email systems. The compromised information included members’ names, dates of birth, medical history, medical record numbers, health insurance provider details, and insurance policy numbers. In some cases, Social Security numbers and driver's license numbers were also stolen.

The incident.

On January 8, 2019, Equitas Health discovered that two of its employees' email accounts containing members' personal and medical information were accessed by intruders. With the help of a cybersecurity firm, Equitas Health has taken steps to bolster the security of its email systems. Besides notifying all potentially affected individuals, Equitas Health is offering free identity protection services for all impacted members for a year.

Email accounts can be accessed improperly via email phishing attacks, brute force attacks, credential stuffing attacks, and more. Stay one step ahead of attackers by investing in a smart tool like Exchange Reporter Plus, which monitors and thwarts email-bound cybersecurity threats. Download a free, 30-day trial of Exchange Reporter Plus today.

How ManageEngine can help you avoid such incidents.

Exchange Reporter Plus provides a host of reports that can help you locate suspicious emails, both sent and received, based on keywords in their subject or body. Often times, these malicious emails appear to be valid, tricking users into opening the emails and clicking on the links embedded in them, which can cause serious damage.

With Exchange Reporter Plus, you can locate emails based on:

  • Messages by subject keyword. Use reports to identify particular keywords in the email subject lines.
  • Messages by body keyword. Identify all the messages in your mailbox that have a particular keyword in the body of the email.
  • Attachment name. Get a report of all emails in your mailbox that have an attachment with a specific name. If you know the names of the malicious files, you can take the necessary steps to stop email-bound threats.
  • Attachment type. You can spot malicious software based on an attachment’s file extension (most malware comes in EXE format).
  • Non-owner mailbox access. Obtain reports on all users who gained excessive rights to access other user mailboxes, and alert administrators immediately.
  • The number of emails received from a specific domain, sender, department, or external email address. Get reports on all incoming emails from an external email address, a blacklisted sender or domain, or a specific department.
  • Messages by subject keyword
    Messages by body keyword
    Attachments by file name keyword
    Attachments by file extension keyword

Explore more features in ExchangeReporter Plus, and gain granular insights into your Exchange environment.

Additionally, M365 Manager Plus offers an advanced Microsoft 365 mailbox content search capability that identifies phishing emails by analyzing internet message headers, subjects, attachments, and bodies of emails. With this feature, you can identify the sender's email address, the device and OS used to compose the email, and the servers the email passed through.

Start your free, 30-day trial of M365 Manager Plus today to try out all these features.


Stay In The Know

Thank you

You will receive weekly cybersecurity news soon!

  • Please enter a business email id
    By clicking 'I'm Interested', you agree to processing of personal data according to the Privacy Policy.

© 2022 Zoho Corporation Pvt. Ltd. All rights reserved.