The BBC Experiences Over 250,000 Malicious Email Attacks Per Day

Written by

The British Broadcasting Corporation (BBC), the UK’s public service broadcaster, faces in excess of a quarter of a million malicious email attacks every day, according to data obtained by Parliament Street following a Freedom of Information (FoI) request.

The think tank revealed that the corporation blocked an average of 283,597 malicious emails per day during the first eight months of 2020.

According to the data, every month the BBC receives an average of 6,704,188 emails that are classified as scam or spam as well as 18,662 malware attacks such as viruses, ransomware and spyware. In total, 51,898,393 infected emails were blocked in the period from January to August 2020.

The month which contained the highest amount of recorded incidents was July, when the BBC received 6,787,635 spam and 13,592 malware attempts. The next highest was March, when the COVID-19 first struck the UK, with 6,768,632 spam emails and 14,089 malware attacks.

In March, an analysis by Barracuda Networks found that phishing emails went up by 667% as a result of the pandemic, as cyber-criminals looked to capitalize on the fear and uncertainty brought about by the crisis.

The BBC has been on the receiving end of numerous cyber-attacks in the past. This includes in 2013 when sympathizers of Syrian President Bashar Assad took control of several of its Twitter accounts to post messages and send phishing emails around its staff.

Tim Sadler, CEO of Tessian, commented: “The global pandemic has become a ripe opportunity for phishing scams, and we can clearly see that in reflected in the spike of malicious attacks on the BBC. In the wake of the outbreak, journalists and employees would have been busier and more distracted than usual.

“Using clever social engineering techniques, cyber-criminals prey on people’s desire for information during uncertain times, and bank on the fact that busy, distracted and stressed employees may miss the signs of a phishing email and fall for their scams. Organizations, therefore, must have security measures in place to automatically predict such email threats and warn people before they click or download an attachment.”

What’s hot on Infosecurity Magazine?