Figures released have shown that at the height of the coronavirus outbreak, the UK’s National Health Service (NHS) was struck by a torrent of scam emails.

NHS Digital, also known as the Health and Social Care Information Centre, has stated that its teams of cybersecurity professionals have been hard at work to ensure patient data remains secure as scammers continue to make targeted attacks on the health service.

At the pandemic’s height, NHS staff including nurses, doctors, specialists, and other key personnel reported more than 40,000 phishing and spam attacks from March to mid-way through July.

Monthly waves of scam emails

Detailed data recorded by NHS Digital and accessed by Parliament Street, the UK-based think tank, using a Freedom of Information request, has shown the statistics on scam emails received while the health service struggled with the pandemic.

In March alone, NHS personnel reported 21,188 cases of malicious emails. April saw 8,085 emails reported by staff, while May recorded 5,883. In June, there were 6,468 emails reported and 1,484 within July’s first half.

The true volume of attempted attacks made on the NHS is likely to be far greater, as the data released by NHS Digital only represents scam emails reported via the official reporting address for NHSMail (

Chief Information Officer for NHS Digital, Neil Bennett, commented that the increased reporting levels recorded indicated that personnel were taking their responsibilities seriously to safeguard information, adding:

“This is an unprecedented time for the NHS, including the cyber security and IT teams who are continuing to work hard in all NHS organisations to keep patient data and systems secure to support the delivery of safe patient care. As part of NHS Digital’s cyber security operations, we collaborate with all areas of the system to ensure they are aware of potential threats. This includes highlighting the need for staff to report suspicious emails by raising awareness through our Keep I.T. Confidential campaign.”

Exploiting the confusion caused by COVID-19

The global outbreak has resulted in a severe spike in cyberattacks using COVID-19 related content. Designed by criminals who are seeking to take advantage of the widespread panic, the attacks exploit both people’s confusion and health fears.

The Cybersecurity and Infrastructure Security Agency (CISA) in the US and the National Cyber Security Centre (NCSC) here in the United Kingdom have warned that many under-pressure services combating the coronavirus are specifically being targeted.

June saw NHS Digital report that over 113 NHS mail accounts had been compromised, with infiltrators employing them to send out malicious messages to external recipients. The NHS Trust’s St Helens and Knowsley Hospital also issued staff a warning regarding scammers.

Hackers were impersonating employees while mailing payroll and HR departments with requests for bank account details to be updated prior to salaries being paid. The teaching hospital also warned of phishing emails that invited staff members to click on links to verify their personal details to make sure they received their payment.