Skip to main content

NHS doctors and nurses targeted by torrent of malicious emails

(Image credit: Image source: Shutterstock/wk1003mike)

Employees of the National Health Service (NHS) are a popular target for cybercriminals, judging by the amount of spam and phishing emails they received in 2020.

According to a new report from the Parliament Street think tank, based on a Freedom of Information (FoI) request, NHS staffers were on the receiving end of 137,476 malicious emails last year.

Of that number, the vast majority (109,491) were spam messages, while the rest (27,959) were suspected phishing emails. The highest volume of malicious emails were sent out in January 2020, with 29,355 in total and 4,895 phishing attacks, while March was the second biggest month.

From that point on, dangerous emails went on a “steady decline”, sinking from 11,068 in April to 4,382 in December.

Unfortunately, attackers enjoyed moderate success, managing to compromise more than a hundred NHSmail inboxes in June alone. These inboxes were then used to send malicious emails to external recipients, it was said.

“These figures are a reminder that when it comes to stealing confidential data and wreaking havoc, cyber criminals still consider our health service to be fair game," said Chris Ross, SVP, International at Barracuda Networks.

"Unfortunately, these scam emails are often incredibly realistic, lulling the victim into a false sense of security to hand over passwords, patient records, and sensitive information by impersonating legitimate brands and even fellow employees."