Her Majesty’s Revenue and Customs (HMRC) received over 521,582 malicious emails over the past three months.

According to data obtained by think tank Parliament Street, an average of over 5000 spam, phishing and malware attacks were recorded by the organization in the three month period between June and September, while spam and junk made up the largest proportion of attacks, contributing 377,820 of the total 521,582 recorded by HMRC.

Another 128,255 emails were classified as phishing, and the remaining 15,507 attacks were said to contain malware.

Chad Anderson, senior security researcher at DomainTools, pointed out HMRC has always been one of cyber-criminals’ favorite organizations to impersonate.

“After all, what better way to create a sense of urgency or a desire to engage with the email in a potential victim than to pretend to be a tax collection agency, either threatening action or offering a rebate?,” he said. “The other reason why HMRC is so convenient for threat actors to impersonate is the wealth of information that people necessarily and readily share with this entity.”

Anderson said it was unsurprising that the attacker would try to cut the middleman, and attempt to breach HMRC itself, whose systems are a treasure trove of personal identifiable information. “As always, cybersecurity training remains the best way to reduce the risk posed by these malicious emails. Clearly, HMRC’s security team must have been doing a good job in the past three months if all of these emails were blocked and identified as malicious.”

Dean Ferrando, lead systems engineer (EMEA) at Tripwire, agreed the best preventive measure is education, as by educating the workforce to stop clicking on malicious emails or links will reduce the risk of an attack greatly.

“Phishing is a preferred choice for attackers as they target the user’s emotional connection to their data, and with the rise of Bitcoin, it has become a lucrative way to make money,” he said.

Javvad Malik, security awareness advocate at KnowBe4, said phishing is the most favored attack technique used by criminals, and the response to the COVID-19 outbreak has provided a ripe environment for criminals to take advantage of, by both trying to scam the general public, and finding loopholes in the tax system.

“As such, it becomes even more important for there to be a robust layered security strategy in place where technical controls are deployed alongside effective user security awareness and training,” Malik said.