More than 1,000 phishing emails have been sent from a mailbox belonging to the National Health Service that was compromised by threat actors in the past six months. Cybersecurity research firm Inky recently published a report detailing how the attackers conducted the attack, compromised the mailbox, and continued to send out phishing emails with malicious attachments. The campaign started in October 2021, but escalated dramatically in March of this year. The volume of attacks from the NHSmail inboxes fell dramatically after Inky reported its findings to the NHS on April 13.
Inky states that 139 health service employees had their official email accounts individually compromised during the campaign and leveraged by the threat group to send out a variety of different malicious messages, such as links to credential harvesting sites. Due to the fact that the threat actors were using an official NHS account, the emails may have seemed more convincing. The health service has been monitoring for further risks since the campaign was illuminated.
Read More: NHS Inboxes Hijacked to Send 1000+ Malicious Emails