The Florida Department of Health has been alerted to phishing emails sent to health care licensees reporting to be a license update and bearing the Department’s logo. Clicking on links from this email will prompt you to enter credentials that malicious actors may use to access your account and maybe also used for an attack known as credential stuffing, where attempts are made to access other accounts using the same or similar password patterns.

What you need to know: Please be extra cautious when clicking on links or attachments, even from emails that appear to be from authoritative sources. An example of the email reported is below but may not be the only variation on the theme. Note the unusual sender email address, and when hovering over the link, it goes to a Russian domain that is not associated with the State of Florida or Medical Quality Assurance.

What you need to do: If you receive one of these emails, report it as spam or phishing using the options available with your email provider. If you have followed a link and entered credentials or personal information, we recommend resetting your password for any accounts that use the same or similar passwords. As an extra precaution, we also recommend that you enable multifactor authentication with your email provider and other online accounts.

Thank you for your diligence.