The National Health Service (NHS) topped the list of UK government organizations most frequently impersonated in suspected email scams last year, according to the National Cyber Security Centre (NCSC).
The NCSC claimed its wildly popular Suspicious Email Reporting Service (SERS) received 6.4 million reports from members of the public during the year, resulting in the takedown of 67,300 phishing and scam URLs.
As one of the government’s best known “brands,” it’s perhaps unsurprising that the NHS came top of those mentioned in reports that resulted in takedowns.
It was followed by TV Licensing, HM Revenue & Customs (HMRC), Gov.uk, Driver and Vehicle License Agency (DVLA), and energy regulator Ofgem – which has been in the news frequently of late due to surging energy bills.
Ofgem CISO, Mike Glassey, said his organization worked with the NCSC in 2022 to identify and respond to over 100 phishing campaigns “in near real time” to keep consumers safer.
“Protecting consumers is our top priority and it is alarming that vulnerable customers are being preyed upon when people are already struggling so much with energy bills,” he added.
Whatever your business, however big or small it is, you will receive phishing attacks at some point. Think about how you will help your staff understand the threat and how to spot phishing. As with other advice, give them the tools to defend against it in their personal lives and they will bring that behaviour back to work.
“That’s why, as energy regulator, on top of issuing our own warnings and advice, we have asked all energy suppliers to ensure clear and up to date information on scams is easily accessible on their websites.”
Scammers also took advantage of interest in COVID-19 PCR tests last year to lure victims to their phishing pages, as well as HMRC tax rebate scams, the NCSC said.
“We know cyber-criminals try to exploit trends and current affairs to make their scams seem convincing and sadly our latest data shows 2022 was no exception,” argued NCSC deputy director for economy and society resilience, Sarah Lyons.
“By shining a light on these scams we want to help people more easily spot the common tricks fraudsters use, so that ultimately they can stay safer online.”
Since the SERS was launched in 2019, it has apparently received 15.8 million reports and resulted in 198,500 takedowns.
Source: Infosecurity Magazine By: Phil Muncaster