Spear phishing is a term I’ve heard a few times, but a solid write-up of it can be found from the Krafty Librarian’s semi-recent post. The malicious acquisition of information online has been a problem since…well, since ‘online’ was a thing. Spear phishing involves using personalized information gathered about a certain person (usually from LinkedIn accounts, apparently), to gain even more information; posing as a coworker in an email in order to get you to click on a link, for example.
With the digitization of medical records over the next decade, scammers such as this will have more targets than in the past. I can’t imagine these people wanting the medical records themselves – there’s no money there – but perhaps the records will provide the ‘in’ scammers need to get started spear phishing. Just another thing to be afraid of on the internet, I suppose.