Skip to main content

Student Loans Company hit by 5.5 million cyberattacks in 2019

(Image credit: Image Credit: Flickr / notoriousxl)

The UK's Student Loans Company (SCL) was hit by more than 5,000,000 email attacks last year, new figures from Griffin Law suggest.

Data obtained via a Freedom of Information (FOI) Act request suggests the organisation encountered 10,125 malware attacks and 19,188 phishing attacks - the remaining 5,415,960 were spam. The SCL says it managed to successfully defend itself from all the attacks.

Phishing, a fraudulent activity in which hackers send emails posing as someone else in order to obtain valuable information or money, is one of the most popular practices among criminals. In 2018, the report states, scammers managed to steal more than $120,000 of student loans from University students via this avenue.

Cybersecurity experts claim the best way to defend against phishing is to be careful when opening attachments and links from emails. Always double-check the address from which the email originated and, if possible, reach out to the sender via other channels to confirm the authenticity of the suspicious email.

The SCL provided funding for 1.34 million students in higher education in 2018/19, and 1.33 million students the year before. It is owned by the UK Government's Department for Education, the Scottish Government, the Welsh Government and the Northern Ireland Executive.

"With so much at stake, staff need to be aware of the threats and the cues that signal a malicious email. However, businesses cannot expect every employee to spot every phishing email 100 per cent of the time,” commented cybersecurity expert Tim Sadler, CEO at Tessian.

“Attacks are only becoming more sophisticated and the threat is constantly evolving. Businesses therefore need to take the burden off employees and instead use technology to protect their people, detecting phishing attacks and alerting employees to a threat in real time."