Publish date: 19 May 2025
A new alert has been issued as Action Fraud, the national fraud and cybercrime reporting service, reveals staggering rise of extortion phishing email reports and advises that NHS staff should remain vigilant over the authenticity of all emails they receive.
The NHS Counter Fraud Authority (NHSCFA) is also supporting Action Fraud and Meta by encouraging people to protect their social media and email accounts as data shows there were more than 35,000 reports of account hacking made last year.
What can you do to avoid being a victim?
- 2-step verification (2SV) will keep criminals out of your account, even if they know your password. Turning on 2SV gives your most important accounts an extra level of protection, especially your email and social media accounts.
- Email and social media passwords should be strong and different to all of your other passwords. A good way to make sure your passwords are ‘long enough and strong enough’ is to combine three random words to create a unique password which is easy to remember
MIAA Anti-Fraud Service has produced more information about Extortion phishing emails and Social media and email account hacking for NHS staff
If you think your passwords have become public, please change your password. You can report suspicious emails by forwarding them to report@phishing.gov.uk
For further information on MIAA’s Anti-Fraud Service visit miaa.nhs.uk