NS&I has issued an update to its customers following a series of blocked emails, urging vigilance against suspicious messages. The Premium Bonds provider clarified the security measures in place after a Freedom of Information request revealed that over the past three years, NS&I blocked 132,126 emails, including spam, phishing attempts, malware, and Edge Block—a Microsoft Edge tool that prevents suspicious pop-ups and adverts.
Phishing Attacks on the Rise
While the total number of blocked emails decreased over the past 12 months, there was a significant surge in phishing attacks during this time, jumping from 1,043 to 4,414. Spam attacks accounted for the largest proportion of blocked emails over the three-year period, making up 97,777 of the total.
Andy Ward, SVP International of cyber security group Absolute Security, warned: "Any organisation and any person can be a target for cybercriminals, so it's vital that security systems are prepared to deal with threats, particularly when large sums of money are involved." He explained that malicious actors are using tactics such as AI-generated phishing emails to trick staff into falling for scams, giving cybercriminals a route to wreak havoc, which can often lead to wider disruption.
NS&I Statement on Security
When asked about the figures, an NS&I spokesperson said: "NS&I takes the security of its systems very seriously and has robust processes in place to detect and prevent malicious communications to keep our systems and customer data secure." The organisation clarified that the FOI request related specifically to inbound emails to NS&I and did not include any customer emails.
The revelation follows a significant incident in which approximately 37,000 NS&I customers were locked out of their savings, with up to £476 million in deposits affected. The problem particularly hit bereaved relatives of deceased customers, who faced difficulties accessing their loved ones' savings.
Expert Advice for Consumers
Charlotte Wilson, head of enterprise for UK & Ireland at cyber security software group Check Point, said: "So many hacks leak data on people yet as a society, we have become worryingly liberal with handing over our sensitive personal and financial details. Whether it's filling out forms to get discounts, participating in loyalty schemes, or giving away email addresses for digital receipts, so much data gets freely handed over, increasing the stakes of each cyber hack." She encouraged consumers to exercise caution regarding what information they disclose, noting that AI makes it easy for cybercriminals to find vulnerabilities, increasing the chances of attacks.
