NHS and HMRC among most-impersonated agencies by cyber-scammers

Written by Sam Trendall on 6 January 2023 in News

Cyber intelligence unit reveals the government brands most often cited in attempted fraud and hacking

Credit: Gerd Altmann/Pixabay

The NHS is the public sector brand most-often impersonated by cybercriminals attempting to perpetrate email scams.

The National Cyber Security Centre has revealed that its Suspicious Email Reporting Service received 6.4 million reports of scams in 2022, resulting in 67,300 websites being taken down.

Phishing attempts often invoke a government or other trusted brand and, according to the NCSC, the NHS was the most widely impersonated public-sector entity last year.

TV Licensing was second on the list, with HM Revenue and Customs in third. 

The department frequently issues public warnings about fraudsters attempting to use the its name; in October, HMRC announced that, in the preceding 12-month period, it had been alerted to 181,296 instances in which citizens had received a suspicious communication purporting to be from the tax agency.

A total of 55,386 suspected phone scams were reported to HMRC during the year, and the department identified 10,565 “malicious websites” – all of which were then reported to authorities to be shut down. Nearly 50 phone numbers were also taken out of service. 

Related content

The GOV.UK brand was fourth on the NCSC’s list of the public-sector brands most used in email scams, with the Driver and Vehicle and Licensing Agency and Ofgem – the energy regulator – completing the top six.

Mike Glassey, chief information security officer at Ofgem, said: “Protecting consumers is our top priority and it is alarming that vulnerable customers are being preyed upon when people are already struggling so much with energy bills. That’s why, as energy regulator, on top of issuing our own warnings and advice, we have asked all energy suppliers to ensure clear and up to date information on scams is easily accessible on their websites.”

The NCSC encourage any members of the public that receive a communication they believe might have been targeted by an attempted to scam to contact the Suspicious Email Reporting Service at report@phishing.gov.uk. Text messages can be forwarded to 7726.

“We know cybercriminals try to exploit trends and current affairs to make their scams seem convincing and sadly our latest data shows 2022 was no exception, said Sarah Lyons, the centre’s deputy director for economy and society resilience. “By shining a light on these scams, we want to help people more easily spot the common tricks fraudsters use, so that ultimately they can stay safer online. There is much more advice on the NCSC’s website about spotting suspicious messages, along with our Cyber Aware guidance to help people protect their devices.”


About the author

Sam Trendall is editor of PublicTechnology. He can be reached on sam.trendall@publictechnology.net.

Share this page




Please login to post a comment or register for a free account.

Related Articles

Cost of developing emergency alerts system pegged at £25m
5 June 2023

Minister reveals up more than £4m spent on testing, security and other support contracts

Ex-intelligence chief ‘appalled’ at ministers’ use of private messages
1 June 2023

Former GCHQ and Home Office leader David Omand expresses disapproval of use of WhatsApp and other platforms for government business

ICO urges Capita customers to ‘check their position’ after 90 organisations report data breaches
31 May 2023

Technology services firm has revealed two data-compromising incidents in recent week


MoJ reprimanded by ICO after ‘bags of confidential documents’ exposed for over two weeks
25 May 2023

Sensitive data was left unsecured in prison holding area, according to data watchdog

Related Sponsored Articles

Proactive defence: A new take on cyber security
16 May 2023

The traditional reactive approach to cybersecurity, which involves responding to attacks after they have occurred, is no longer sufficient. Murielle Gonzalez reports on a webinar looking at...