Hospitals are frequently targets for cyber and social engineering scams following disasters. Hospitals can mitigate their risk by recognizing and preventing cyber threats, phishing emails, ransomware attacks, and fraudulent fundraising campaigns.

This tip sheet emphasizes the importance of staff training, implementing cybersecurity measures, and maintaining awareness of potential scams to safeguard sensitive information and ensure operational continuity during emergencies.

This tip sheet outlines common scams attempted in times of crisis, including spoofs of relief organizations, sham flood mitigation or debris removal organizations, and flood insurance robocall scams.

Those who wish to donate to relief funds should:

• Donate to known and trusted charities
• Be alert for charities that seem to have been created in connection with current events
• Designate the disaster to ensure funds go to disaster relief rather than a general fund
• Never click on links or open attachments in an email unless the sender is known
• Keep antivirus and other computer software updated

Hospital Tips on Avoiding Cyber and Social Engineering Scams