Government phishing scams seem to be the new trend, with online scams rising daily. The UK's National Cyber Security Centre (NCSC) recently identified six most commonly impersonated government agencies. Topping their list was an unexpected suspect – none other than Britain's beloved National Health Service (NHS). Coming in after they were TV Licensing and HM Revenue & Customs, followed by Gov. UK, DVLA and Ofgem as perpetrators saw fit to use for malicious activities across 2022.
The NHS has been the pinpoint for most hackers, with it being top in the list of government phishing scams reported last year. Scammers exploited the covid 19 Pandemic heavily by targeting PCR tests. It was an easy way to gather personal detail as many people were worried about contracting the virus at the time, so if they saw a message saying, for example, "you have been in contact with someone with covid. Click the link to get tested".
Most people would click and make themselves vulnerable to their information being stolen due to the panic of potentially having the virus and wanting to keep themselves and family safe.
The other branded attacks included the following:
Due to the current climate around the living crisis, a sharp incline in government phishing scams revolving around energy bills and support claims became evident. The director of NCSC, Sarah Lyons, explained that cybercriminals continue to exploit current trends to make their scams more believable. She exclaims that by "shining a light on these scams, we want to help people more easily spot the recurring tricks that fraudsters use" so that they can be safer online.
Despite continued advances in cyber security measures, phishing remains a significant threat to individual users and businesses. To keep companies and customers safe from attackers, organisations must deploy industry-standard solutions and implement tried-and-true best practices for protection against these often complex malicious campaigns. A combination of effective awareness and training surrounding phishing risks and effective anti-phishing tools is also vital to minimising threats.
To prevent Government Phishing scams from becoming more frequent Gov.UK website offers helpful ways to ensure your and others' personal information is not stolen. Their advice is if you think something is suspicious, report it to them by forwarding the email to their email addresses at firstname.lastname@example.org. From there, the National Cyber Security Centre (NCSC) mentioned above will investigate it. NCSC estimated that 6.4 million reports were received in 2022 (NCSC, 2022)
To learn more about phishing, please click the image below to find our other blog, "Damaging Phishing Emails On The Rise.