NS&I issues statement to customers over ‘blocked emails’ | Personal Finance | Finance
NS&I has issued an update for customers over a spate of blocked emails. The Premium Bonds provider has spoken out to explain what security systems it has in place.
A Freedom of Information request found that over the past three years, there were 132,126 emails that NS&I bocked, including spam emails, phishing, malware and Edge Block, a Microsoft Edge tool that blocks suspicious pop ups and ads. The number of blocked emails fell over the past 12 months, but there was a sharp rise in phishing attacks over the same period, rising from 1,043 to 4,414.
The highest proportion of blocked emails over the three-year period were spam attacks, which accounted for 97,777 of the emails. Andy Ward, SVP International of cyber security group Absolute Security, said: “Any organisation and any person can be a target for cybercriminals, so it’s vital that security systems are prepared to deal with threats, particularly when large sums of money are involved.”
He explained the tactics that criminals use. The expert warned: “Malicious actors are using tactics such as AI-generated phishing emails in an attempt to trick staff into falling for scams, giving cybercriminals their route in to wreak havoc, which can often lead to wider disruption. For organisations like NS&I, even a short disruption could have severe implications for customers, so it’s vital that security teams ramp up their defences and prepare to recover and respond to cyber threats.”
Asked for a comment about the figures, an NS&I spokesperson said: “NS&I takes the security of its systems very seriously and has robust processes in place to detect and prevent malicious communications to keep our systems and customer data secure.”
The group confirmed the FOI was specifically about inbound emails to NS&I and did not include any customer emails. The news comes after a major incident where NS&I customers lost access to their savings.
This affected around 37,000 customers and up to £476million in deposits. The issue affected bereaved families of former customers who struggled to access their loved one’s savings.
Online expert Charlotte Wilson, head of enterprise for UK & Ireland at cyber security software group Check Point, said: “So many hacks leak data on people yet as a society, we have become worryingly liberal with handing over our sensitive personal and financial details. Whether it’s filling out forms to get discounts, participating in loyalty schemes, or giving away email addresses for digital receipts, so much data gets freely handed over, increasing the stakes of each cyber hack.”
“When it comes to incidents such as NS&I’s lost savings, where there’s lots of data involved, AI makes it easy for cybercriminals to find vulnerabilities, which increases the chances of attacks.” She urged consumers to be vigilant about what information they share.
She said: “Consumers not understanding the risks of sharing data makes defending increasingly difficult. It’s not always a case of losing financial data, as other personal data, such as the last item purchased or the investment company used, can start a trail that results in a much bigger breach.”
