The FCA was targeted by almost a quarter of a million (238,711) malicious and unsolicited emails during the final three months of 2020.
 
Official figures obtained by a Freedom of Information (FOI) act and analysed by litigation firm, Griffin Law, showed that the regulator was targeted by around 80,000 email attacks per month.
 
In the FCA’s response to the FOI request, the regulator provided a breakdown of all email’s blocked by its system from October to December 2020.

Ninety-nine per cent of all blocked emails were defined as “spam”, which includes everything from unsolicited marketing to advertising emails. Another 2,402 emails potentially containing “malware” were also recorded by the FCA. Malware email attacks often include malicious content designed to disrupt, take over or damage victims’ software or data.
 
The figures come less than a year after the FCA was criticised for accidentally revealing the personal information of around 1,600 people in February 2020. This incident saw the FCA publish names, addresses and phone numbers in a document on its website, in response to a previous FOI request.

“The scale of the phishing problem today is huge,” commented Tessian CEO and cyber security specialist, Tim Sadler.

“Cybercriminals, undoubtedly, want to get hold of the huge amounts of valuable and sensitive information that FCA staff have access to, and they have nothing but time on their hands to figure out how to get it.

“It just takes a bit of research, one convincing message or one cleverly worded email, and a distracted employee to successfully trick or manipulate someone into sharing company data or handing over account credentials.

“Businesses must make their people aware of how they could be targeted, especially when working remotely, and ensure they have the technology in place to prevent people falling for the scams.”

All known cyber attacks sent to the FCA were blocked and over the course of the coronavirus pandemic, the regulator has regularly issued warnings about scam campaigns designed to trick individuals and businesses into leaking their confidential information, or send money to a wrong account.

Griffin Law principal, Donal Blaney, added: “This is a worrying number of attacks on a government agency well equipped to protect itself. It suggests that the negative potential of spam and malware for the rest of us is massive.

“We should all do as the FCA did here – ensure all devices are protected and be vigilant. Check and double-check before clicking, responding or providing personal data. On a larger scale, it’s time we went after the organised criminals behind this scourge on society. Phishing is not a victimless crime and we should be doing more to end it.”

Share Story: