NHS Staff Subjected To Scam Emails During Pandemic Height

As NHS staff were playing a critical role in the UK’s fight with the Coronavirus pandemic, criminals and scammers were seeking to exploit the crisis with constant cyberattacks.

This was the reality for for many NHS staff, after data was revealed by NHS Digital, which said that doctors, nurses and support staff had encountered 43,108 scam emails during Covid-19 outbreak.

The data had been obtained by the Parliament Street think tank under Freedom of Information (FOI) legislation.

Coronavirus attacks

According to the data from NHS Digital, at the start of the crisis in March, NHS staff received 21,188 malicious emails including spam and phishing attacks to spamreports@nhs.net, the official NHSmail reporting address.

It was quieter in April as there was only 8,085 reports, in May 5,883 and 6,468 in June, followed by 1,484 in the first half of July.

In June, NHS Digital reportedly said that more than a hundred NHSmail mailboxes were compromised through which malicious emails were sent to external recipients recently.

The phishing incident took place between 30 May and 1 June, compromising 113 mailboxes.

Nothing safe

Security experts were quick to point out that the data showed nothing is safe from criminals these days.

“The NHS continues to play a critical role in the fight against Covid-19, yet unfortunately no organisation is safe from opportunistic cyber criminals, who will stop at nothing to steal confidential patient data,” commented Chris Ross, SVP international at Barracuda Networks.

“The wealth of personal and financial data stored in NHS inboxes is a goldmine to potential hackers, who will use email scams to trick doctors, nurses, and frontline workers inadvertently handing over private information,”said Ross.

“Our recent research revealed that there has been a spike in cyber criminals using official email domains, such as Gmail and Yahoo, to bypass inbox defences and trick users into revealing personal details by impersonating a colleague, manager, or trusted partner,” said Ross.

“This is why it is essential that organisations, especially those that manage significant quantities of sensitive information, invest in inbox defence software which leverages artificial intelligence to identify unusual senders and requests.”

Another expert agreed the data was a reminder of the ongoing threats being faced by organisations.

“With many healthcare workers and back office support staff dispersed due to lockdown and social distancing restrictions, it’s no surprise that malicious hackers are seeking to cash-in on the Covid-19 crisis,” said Andy Harcup, VP at Absolute Software.

“Increasingly, we’re seeing a variety of sophisticated attacks targeting email inboxes of people working from home, often using personal devices that fraudsters believe are poorly protected,” said Harcup. “These figures are a reminder of the risks posed to the NHS by malicious cyber criminals and it’s essential that IT chiefs ensure the entire fleet of mobile devices in use are completely secure, with encryption turned on and the ability to wipe or freeze laptops in the event of theft or loss.”

Second wave

Another expert warned that it was highly likely that criminals will also take advantage if there is a second wave.

“Cybercriminals follow the news far more than we may like to think,” said Jake Moore, cybersecurity specialist at ESET. “They are very clever at jumping on a pandemic amongst the chaos and subtly sending out phishing campaigns in an attempt to cause more damage to an organisation built to protect us.”

“It is highly likely that threat actors around the world will start to increase their attacks in their own form of a second wave once genuine vaccine information starts to be released,” said Moore. “Hopefully, the NHS has learnt that they remain a big target and therefore must have protection in place to mitigate any attempts to either extort or steal confidential data.”

“Many people are still working from home in the NHS, and must remain vigilant to the constant threats,” he concluded. “As phishing emails continue to be the most prominent vehicle to infiltrate or disrupt systems, I would urge staff to verify every email they receive.”