That Email from Your Dental Supply Company Might Be Fake
Over the past few weeks, we've seen a spike in phishing emails targeting dental practices. The twist: they're impersonating dental supply vendors: Henry Schein, Patterson Dental, Benco. The emails use real company logos, real-looking invoice formats, and plausible order details.
Your front desk staff orders supplies regularly. They're used to seeing invoices from these companies. So when an email arrives saying "Your order #48291 is ready for review" with a PDF attachment, the instinct is to open it. That's exactly what the attackers are counting on.
What These Emails Look Like
- Sender address that's close but not quite right (henryschein-orders.com instead of henryschein.com)
- Professional-looking formatting with company logos
- An attachment labeled as an invoice, packing slip, or order confirmation
- Sometimes a link to "view your order" that leads to a malicious website
- Plausible order amounts ($200-2,000, typical for dental supply orders)
The attachments contain malware, often ransomware or banking trojans that steal login credentials.
How to Spot the Fakes
Check the Sender's Email Address
Don't just look at the display name. Click on it to see the actual email address. If it doesn't match the vendor's real domain exactly, it's a fake. Watch for subtle differences: extra letters, hyphens where there shouldn't be any, different domain extensions (.net instead of .com).
Verify Unexpected Orders
If you receive an invoice for an order nobody remembers placing, don't open the attachment. Call the vendor directly using the phone number from their website (not from the email) and ask if the invoice is legitimate.
Hover Before You Click
If the email contains a link, hover your mouse over it (don't click) to see where it actually goes. If the URL doesn't match the vendor's real website, it's a phishing attempt.
Watch for Urgency
"Your account will be suspended," "Payment overdue, action required immediately," "Final notice." Legitimate vendors rarely communicate this way via email. Urgency is a social engineering tactic designed to make you act before you think.
What To Tell Your Team
Share these rules at your next team meeting:
- Never open attachments from unexpected emails, even if they look like they're from a known vendor.
- When in doubt, call the vendor. Use the number from their website, not the email.
- If you clicked something suspicious, tell IT immediately. Don't be embarrassed. Speed matters.
- Forward suspicious emails to your IT provider so they can block the sender for everyone.
The attackers are getting better at impersonating vendors you trust. Your team needs to be better at questioning what lands in their inbox.