NHS staff report more than 40,000 spam emails
NHS staff have reported being overwhelmed with 43,108 malicious emails since the coronavirus crisis first struck, with half of these phishing attacks landing in inboxes during March alone.
According to Freedom of Information data obtained from NHS Digital by the Parliament Street think tank, 21,188 malicious emails targeted NHS workers during March and were reported to firstname.lastname@example.org.
The number of phishing attempts has been shown to have dropped off in the following months. Staff reported 8,085 malicious emails during April, followed by 5,883 reports in May and 6,468 in June. During the first two weeks of July, the latest period for which data is available, staff reported 1,484 to the NHS spam reporting inbox.
NHS Digital confirmed on 12 June that 113 NHSmail inboxes were compromised between the weekend of 30 May to 1 June. The NCSC also confirmed at that time that this activity was part of a widespread credential-harvesting phishing campaign that is targeting a broad range of organisations across the UK.
The NCSC itself received more than a million reports of email scans in just two months, and tech giant Google warned in April that approximately £2 million was believed to have been lost to coronavirus-related fraud in the UK alone.