Skip to main content

NHS hit by millions of email scams in 2020

(Image credit: Image source: Shutterstock/Wichy)

Cybercriminals bombarded healthcare professionals with fraudulent emails during the pandemic, according to new figures published by think tank Parliament Street.

Since the start of the pandemic, the UK National Health Service (NHS) has been hit with a total of 43,108 scam emails, with doctors, nurses and support staff reporting 21,188 malicious emails in March alone.

Attacks have tapered off slowly over the past few months. In April there were 8,085 reports, 5,883 in May, 6,468 in June, followed by 1,484 in the first half of July.

Not only did healthcare professionals face a high volume of spam messages, but 113 NHS inboxes were also compromised during lockdown, to be used in future spear phishing attacks.

According to the NHS Digital newsletter, organizations should undertake checks to ensure staff are aware and authorize any requested changes to their bank details before those changes are made.

“The NHS continues to play a critical role in the fight against Covid-19, yet unfortunately no organization is safe from opportunistic cybercriminals, who will stop at nothing to steal confidential patient data,” said Chris Ross, SVP International at Barracuda Networks.

“The wealth of personal and financial data stored in NHS inboxes is a goldmine to potential hackers, who will use email scams to trick doctors, nurses, and frontline workers inadvertently handing over private information.”