NHS employees to be wary of scam emails

While our health service is facing its biggest challenge in decades, online criminals are unfortunately giving NHS workers another serious threat to worry about.


Last week, the National Cyber Security Centre (NCSC) reported that over 137,000 malicious emails had been sent to staff within the NHS (www.ncsc.gov.uk/report/weekly-threat-report-12th-february-2021)


One of the most common tactics that criminals use to access people’s devices, files or data is to send a phishing email. Disguising their message as a legitimate communication, they convince recipients to click a link for example, to track a package or access an online account.


Once clicked, criminals can send malicious pieces of software (aka malware) which may stop devices working or even demand a ransom from the victim.


With healthcare professionals currently under immense pressure, criminals are sadly exploiting our key workers by targeting them in their attacks.


If you’re an NHS employee, the NCSC recommends following your organisational guidance. You can also read their guide on how to spot and deal with suspicious emails – at:www.ncsc.gov.uk/guidance/suspicious-email-actions


If you receive an email that looks suspicious, you can report it to NCSC via their Suspicious Email Reporting Service (SERS) at: https://www.ncsc.gov.uk/information/report-suspicious-emails



The National Cyber Security Centre (NCSC) and National Police Chiefs Council (NPCC) are working together to support the establishment of Regional Cyber Resilience Centres (CRCs). The CRCs represent a significant opportunity for the NCSC to expand the reach of its guidance and services to smaller organisations across the country, and provide an extra level of practical support to enhance their impact. The NCSC is currently assisting the NPCC in determining the suite of cyber security services that the CRCs will be able to offer.