Healthcare providers, particularly hospitals and clinics, were under enormous pressure during COVID-19. That meant employees were particularly susceptible to phishing attacks. In fact, one study found that healthcare workers’ average click-through rates on phishing campaigns during the COVID-19 pandemic
was 14.2%, most organizations strive to keep their click-through rates under 5%. It didn’t help that many ransomware groups specifically targeted healthcare providers as the pandemic reached its peak, knowing they would likely find a vulnerable employee who would be more susceptible to pay.