Editorial

NHS most impersonated by scammers

The NCSC says cybercriminals are impersonating well-known government brands, such as the NHS, HMRC and Ofgem in phishing emails.

Posted 5 January 2023 by Christine Horton

The NHS tops the list of most impersonated government brands used by scammers.

The scams unveiled by the National Cyber Security Centre (NCSC) include phishing emails and messages from cybercriminals impersonating well-known government brands, such as the NHS, HMRC and Ofgem.  

In 2022, the NCSC saw scammers exploit the rising cost of living with Ofgem energy bill support scams and HMRC tax rebate scams, while scammers continued to take advantage of the coronavirus pandemic to attempt PCR test scams.  

The top government-branded attacks that have been reported to the NCSC’s Suspicious Email Reporting Service (SERS) that have resulted in takedowns are:

  1. National Health Service (NHS)
  2. TV Licensing
  3. HM Revenue & Customs
  4. Gov.uk
  5. DVLA
  6. Ofgem

The NCSC said SERS received 6.4 million reports during 2022, with 67,300 scam URLs removed as a result. This brings the total number of reports to SERS since its launch in 2020 to 15.8m, with 198,500 takedowns.

“We know cybercriminals try to exploit trends and current affairs to make their scams seem convincing and sadly our latest data shows 2022 was no exception,” said Sarah Lyons, NCSC deputy director for economy and society resilience. “By shining a light on these scams we want to help people more easily spot the common tricks fraudsters use, so that ultimately they can stay safer online.   

If you liked this content…

“There is much more advice on the NCSC’s website about spotting suspicious messages, along with our Cyber Aware guidance to help people protect their devices.”   

‘Alarm’ from Ofgem

Mike Glassey, Ofgem chief information security officer, said is alarming that vulnerable customers are being preyed upon when people are already struggling with their energy bills.

“That’s why, as energy regulator, on top of issuing our own warnings and advice, we have asked all energy suppliers to ensure clear and up to date information on scams is easily accessible on their websites,” he said.

“We take these attempts to exploit consumers very seriously and work with the National Cyber Security Centre to prevent these malicious attacks – identifying and responding in near real-time to over 100 of these phishing campaigns in 2022 alone. Our Energy Aware campaign is a one stop shop for all energy consumers to get help, support and advice on scams and other energy bill issues – Energy advice for households | Ofgem.”

The NCSC is also urging people to follow its Cyber Aware advice to protect their online accounts from scammers seeking to steal personal details and sensitive information. Specifically, people should set up 2-step verification and use three random words passwords to prevent cyber criminals gaining access to email accounts.
Event Logo

If you are interested in this article, why not register to attend our Think Digital Government conference, where digital leaders tackle the most pressing issues facing government today.


Register Now

Liked this article?

Subscribe to our newsletter to receive the latest digital transformation news directly to your inbox.

Subscribe