Her Majesty's Revenue and Customs (HMRC) has processed 2.6 million reports of attempted phishing attacks since 2016, Infosecurity Magazine reports. More than 1.9 million of these phishing attempts were spoofing tax rebate emails, while 150,000 were scam SMS messages.
Of particular note is that reports of scam phone calls increased from 407 in fiscal 2016/17 to more than 104,000 in 2018/19.
Despite these alarming numbers, HMRC believes it has made progress in fighting these scams. However, Andy Heather from Centrify told Infosecurity Magazine that the data show why businesses need to take steps to defend themselves against phishing, because these same threats are targeting the private sector.
“These incidents are just a snapshot of techniques used by hackers to gain confidential financial information as well as credentials and passwords,” he said. “In many cases we’re seeing fraudsters gaining access to company data, using legitimate user ID and log-in details, without raising suspicion. For businesses, it’s time to face the reality that cyber-attackers now no longer hack in, they log in using credentials and passwords that are weak, stolen or in cases of phishing are simply handed over to them.”
Phishing attacks are so ubiquitous that a decent number of them are sure to get through your security filters. New-school security awareness training can provide your organization with an essential layer of defense by teaching your employees how to identify and resist these attacks.
Infosecurity Magazine has the story: https://www.infosecurity-magazine.com/news/uk-taxpayers-overwhelmed-with-1-1/