NHS staff targeted by nearly 140,000 malicious emails last year
Cyber criminals bombarded NHS staffers with a total of 137,476 malicious emails last year, according to official figures from NHS Digital, the national provider of information, data, and IT systems for the health service.
The data, obtained under the Freedom of Information (FOI) Act by the Parliament Street think tank, revealed that doctors, nurses and admin staff reported 27,958 suspected phishing emails targeted the NHSmail email service, designed to lure the recipient into handing over confidential data. Additionally, health workers reported 109,491 suspected spam emails throughout the year.
The data shows that January 2020 was the highest month for reported attacks, with 29,355 in total, made up on 4,895 phishing attempts and 24,460 spam reports. The next highest month was the peak of UK lockdown restrictions in response to the Covid-19 pandemic, with 28,855 malicious emails reported, made up of 5,749 phishing attacks, and 23,106 spam reports.
Interestingly, the period from April to December saw a steady decline in the number of suspicious emails reported to NHS Digital, decreasing from 11,068 in April, down to a yearly-low of 4,382 in December.
Despite these lower figures, in June 2020 NHS Digital revealed that more than a hundred NHSmail mailboxes had been compromised, and were sending malicious emails to external recipients.
Chris Ross, SVP, International at Barracuda Networks comments:
“These figures are a reminder that when it comes to stealing confidential data and wreaking havoc, cyber criminals still consider our health service to be fair game. Unfortunately, these scam emails are often incredibly realistic, lulling the victim into a false sense of security to hand over passwords, patient records, and sensitive information by impersonating legitimate brands and even fellow employees.
“With the global pandemic putting a huge strain hardworking doctors, nurses, and clinical staff, it’s absolutely vital that email systems are properly protected from outsider threats, to block malicious emails before they reach the inbox. It is equally important for Trusts to issue the necessary guidance about the risks associated with phishing attacks, so that staff are aware of the techniques associated used and can think twice before handing over important information to suspicious third parties.”
More in Health
Activate Business School launches new education programme for aspiring health leaders
Activate Business School is delighted to announce it is launching a new award to help develop and train health and care staff across Buckinghamshire Oxfordshire and Berkshire (BOB).
CEO FOCUS: Take Your Best Shot
A fascinating interview with Thomas Hal Robson-Kanu, international professional football player and founder of The Turmeric Co, one of the UK’s fastest growing health brands.
Blenheim to Host European Transplant and Dialysis Games
Blenheim is set to host three days of competition as part of the European Transplant and Dialysis Games which will arrive in the UK next week (23rd-25th August) for the first time ever.
From this author
COP26 Response from Anthony Baker, Founder of Satellite Vu
A big story has just come out of COP26, and reported by the BBC, that UK firms will soon be forced to show how they will hit net zero.
Over one third of online shoppers will only associate with responsible...
More than one third (35 per cent) of online shoppers in the UK will only associate with ‘responsible’ brands – including those that treat staff fairly, source goods ethically, and do not misuse consumer data.
HMRC-branded phishing scams surge 87% in a single year
Total reports of suspected email, SMS, and phone attacks jump from 572,029 to 1,069,522 during the Covid-19 pandemic