Attackers hijack UK NHS email accounts to steal Microsoft logins
For about half a year, work email accounts belonging to over 100 employees of the National Health System in the U.K. were used in several phishing campaigns, some aiming to steal Microsoft logins.
Attackers started using legitimate NHS email accounts in October last year after hijacking them and continued to use them in phishing activity through at least April 2022.
More than a thousand phishing messages have been sent from NHS email accounts belonging to employees in England and Scotland, according to researchers from email security company INKY. The researchers traced the fraudulent messages to two NHS IP addresses, delivered from the email accounts of 139 NHS employees.
To make the email more credible, the attackers added the NHS confidentiality disclaimer at the bottom of the message.
INKY has been in contact with NHS since they discovered the phishing campaign.
Roger Kay, INKY's Vice President of Security Strategy, highlights that these campaigns are not the result of breaching NHS' email server "but rather individually hijacked accounts."