While the Covid-19 pandemic accelerated the digital adoption across India, it simultaneously opened the doors to cybercriminals. With people increasingly becoming dependent on online banking, UPI and mobile apps, scamsters manipulated the vulnerabilities in the digital system. As people moved away from paper and started sharing most of their critical information on emails, India recorded unprecedented digital growth. But with this shift, the scammers too shifted their ways and began targeting the important information hidden in the attachments of these emails, using the weaknesses that came along with going digital. This paper examines recent cyber incidents where healthcare institutions suffered data breaches due to intercepted email attachments. Highlighting vulnerabilities like unsecured email transmissions and insufficient cybersecurity protocols, the study suggests countermeasures such as PyMinizip for encryption, AWS S3 signed URLs, and multifactor authentication to protect sensitive patient information. Implementing these solutions could radically reduce risks, enhancing the security of email communications and safeguarding people’s personal data.