University of Westminster receives 200,000 malicious emails

The University of Westminster says it has successfully blocked ransomware and BEC attacks amidst a barrage of hostile emails

The University of Westminster has been targeted with nearly 20,000 malicious emails every month since October 2020, including phishing, business email compromise (BEC) and ransomware attacks, according to official figures.

The data was uncovered via the Freedom of Information Act (FOI), and analysed by the Parliament Street think tank, observing the number of email attacks blocked from when the University began keeping records of attack data in October 2020 to December 2021, as well as the types of attack that were blocked.

In total, there were almost 290,000 email attacks blocked by the University of Westminster, during the reporting period, with spam attacks comprising 92 per cent of threats blocked.

The university neutralised over 1,100 phishing attacks each month, where a malicious actor sends fraudulent messages to trick victims into disclosing personal information.

The University of Westminster also disclosed that it successfully blocked 28 ransomware email attacks along with 394 business email compromise (BEC) attacks, where a cyber attacker infiltrates a company’s email system and poses as an employee, sending targeted attacks asking for money to company staff.

Virus and scam attacks accounted for a further 2,648 blocked attacks by the University, since they began taking record of malicious email types in 2020.

Tim Sadler, Co-Founder and CEO of Tessian, commented on the attack: "With so much valuable data - including the personal and financial details of staff and students, intellectual property and world-leading research - universities are a very attractive target for cybercriminals. It just takes one convincing phishing email to trick an employee or student into sharing their credentials or downloading an attachment that contains malware or ransomware, for the institution's security to be compromised. The problem is that so many new students and faculty staff each year, combined with the shift to remote learning during the pandemic, the opportunity for phishing attacks is ripe and the number of attacks is increasing. To tackle this rising threat, universities must ensure that staff and students are educated on threats they could receive and that processes are in place for victims to easily report incidents." 

Chris Ross, SVP International, Barracuda Networks, added: “The onslaught of email attacks continues to remain prevalent, as highlighted by our recent report showing that Covid test related email attacks have risen by 521% since October 2021. Fighting these attacks requires constant solutions and it is good to see organisations both recording and preventing email attacks.

“Malicious actors are finding new ways of infiltrating company systems and that requires staff to receive appropriate training to stay vigilant of potentially damaging attacks. Alongside training, email security utilising artificial intelligence is a solution which can help stop attacks at source, flagging unusual emails designed to bypass email protection.” 


Featured Articles

Gary Merrill: Who Is Commvault’s First-Ever CCO?

Experiencing a period of rapid growth, Commvault have created the new position of CCO and given it to company veteran and former CFO Gary Merrill to lead

Xalient's Stephen Amstutz on Need for Cyber Staff Wellness

Stephen Amstutz, Director of Innovation at Xalient explains why cyber staff are getting stressed and what can be done to help

Worldwide IT Outage Not Cyber Attack - But Software Update

The global IT outage that is being described as one of the biggest ever is thankfully not being attributed to a cyber attack, but rather a software update

Companies Across Cyber Sphere Warn of Surge in DDoS attacks

Cyber Security

UK Takes Steps to Strengthen Country's Cyber Security

Cyber Security

BlueVoyant Launch Platform to Tackle Supplier Attack Surface

Operational Security