100,000 people report phishing scams in the UK in 2015, say police

Action Fraud and National Fraud Intelligence Bureau say that they received an average of 8,000 reports per month in 2015

Nearly 100,000 people in the UK have reported receiving phishing scam-emails in 2015, according to the City of London Police's Action Fraud and National Fraud Intelligence Bureau.

Phishing - the attempt to acquire sensitive information or access to systems by sending people misleading emails or text messages with malicious links or payloads - is increasingly being used as a means to defraud people across the UK. Spear-phishing refers to targeted phishing.

The police said the exact number of reported cases between January 2015 and December 2015 was 96,699 - with an average of 8,000 reports per month.

The majority of people (68 per cent) who reported a phishing scam said it came in the form of an email, while 12.5 per cent said they were contacted by phone, 8.9 per cent said they were contacted by text, and the rest were contacted in another way.

According to the Action Fraud team, the most common phishing scam in December came from fraudsters purporting to be a bank or from HMRC - with the Self-Assessment tax deadline at the end of January - followed by online payment merchants such as PayPal and utility companies.

In one month, the police said that 31 per cent of all phishing scams reported had contained a potentially malicious hyperlink which would install malware onto the victim's PC or phone or trick them into providing sensitive information.

The police found that the most common message title for phishing emails was ‘Attention' followed by other titles such as ‘Your account has been revoked', ‘Hello' and ‘Important Notification', while the top email addresses that people reported to have received came from ‘[email protected], [email protected] and [email protected].

Want to find out more about phishing and 'whaling' (the same process, only with higher profile enterprise targets)? Then tune in to our web seminar at 2pm on 16th March 2016 - register free!

We will be discussing the 'dark tricks' of the phishing trade so that you can more easily recognise them, and protect your organisation, and we'll be discussing whether impending changes in data protection legislation may affect the ways you can establish your organisation's security policies to continue staying safe.