NCSC blocks more than 746,000 NHS phishing emails in one month
[London, UK] The National Cyber Security Centre (NCSC) blocked more than 746,000 phishing emails in February of last year pretending to be from an NHS account, a new report on the Active Cyber Defence (ACD) programme reveals.
NCSC’s ACD scheme seeks to tackle commodity attacks and protect the majority of people in the UK from harm, with other work strands focusing on more sophisticated, targeted threats. The 'One Year On' paper, published this week, details the work carried out in 2017 to mitigate cyber risks.
In the most common phishing attacks, scammers send people fake emails pretending to represent an organisation to trick them into putting in their details so that they can access their accounts. However, some of these are getting more sophisticated and harder to spot.
“Whatever your business, however big or small it is, you will receive phishing attacks at some point,” the NCSC says.
February was the only month in 2017 that saw nhs.uk be one of the three registered public sector domains with the highest number of phishing attacks blocked by NCSC, with the news first reported by the BBC.
It was also the month with the highest number of rejections by volume; in addition to nhs.uk, the NCSC blocked more than 383,000 gov.uk and over 75,000 hmrc.gov.uk phishing emails.
The centre also removed more than 121,000 unique phishing sites hosted in the UK last year, reducing the average availability from 26 hours to three hours.
Although the amount of global phishing, the NCSC says, has risen by 50% during the past year and a half, the share hosted in the UK has nearly halved (2.9%).
“This is only a start and there’s lots more to do. But the paper demonstrates that we’ve already achieved some cool stuff. I think we can summarise by saying that people in the UK are objectively safer in cyberspace because of the ACD programme,” wrote Dr Ian Levy, Technical Director of the NCSC, in a blog this week.