New research from the email security firm Inky has revealed that more than 1000 emails were sent from NHS inboxes over a six month period.
The firm has claimed that the campaign, beginning October 2021, escalated “dramatically” in March of this year.
After the findings were reported to the NHS on April 13, Inky reported that the volume of attacks fell significantly to just a “few”.
“The majority were fake new document notifications with malicious links to credential harvesting sites that targeted Microsoft credentials. All emails also had the NHS email footer at the bottom,” Inky explained.