"NHS Inboxes Hijacked to Send 1000+ Malicious Emails"

Security researchers at email security firm Inky have discovered that more than 1000 phishing emails were sent from compromised National Health Service (NHS) inboxes over a six-month period. The researchers noted that the campaign started around October 2021 and escalated “dramatically” in March this year, when Inky detected 1157 phishing emails originating from NHSmail inboxes. After Inky reported its findings to the NHS on April 13, the volume of attacks originating from NHSmail inboxes fell dramatically the next day to just a “few,” the firm claimed. The researchers stated that some 139 health service employees had their official email accounts individually compromised in the campaign, and that the accounts were used to send out a variety of malicious messages. The majority were fake new-document notifications with malicious links to credential harvesting sites that targeted Microsoft credentials. All of the emails also carried the NHS email footer at the bottom. The researchers stated that the scale of the campaign could have been even greater, given that Inky only detected the phishing messages sent to its customers. It is unclear how the healthcare employees were compromised in the first place. When assessed per employee, the NHS recorded the highest number of malicious emails for 2021 at 89,353.

 

Infosecurity reports: "NHS Inboxes Hijacked to Send 1000+ Malicious Emails"

Submitted by Anonymous on