Email Security Blog

Phishing in the United Kingdom: Attacks You Should Know About

Could your company easily recover from a £3 million loss in revenue? How about losing 20% of your customers? Naturally, none of us would even want to consider either of these scenarios and yet thousands of companies in the UK put themselves in these sorts of risky situations every day. How? By not taking the steps necessary to protect their businesses from the types of crippling phishing attacks that happen every day.

One of the biggest mistakes CEOs and business owners make is simply not believing they’re vulnerable to phishing attacks. If that’s the case, consider whether or not any of these scenarios apply:

You rely on a mediocre firewall and existing cloud security to protect you from phishing scams.

When it comes to phishing emails, your staff is untrained even though you think they should recognize a cyber threat.

Your business uses a legacy Secure Email Gateway (SEG).

You trust the instincts of your IT staff.

Your staff uses their mobile devices for work purposes and you underestimate their vulnerability to phishing attacks.

If learning from the mistakes of others helps you to better realize the risks your company faces, here are just a few of the better-known cyberattack disasters the UK has faced in recent years.


245,000 UK customers had their sensitive data compromised when payday loan company, Wonga, fell victim to a cyberattack. Noted as one of the biggest data breaches in UK history, this breach gave hackers access to customer’s name, address, phone numbers, bank account numbers, sort codes, and quite possibly the last four digits of bank cards used for logging into online accounts.


In 2017, this consumer credit reporting agency discovered that over the course of ten weeks, hackers had obtained confidential records of approximately 694,000 customers in the UK. Of these, the majority were stolen phone numbers, however other hijacked information included the details of 29,000 driver’s licenses, 12,000 email addresses, and the log-in information of about 15,000 Equifax customers. This enormous data breach is believed to be a result of human error. The scandal let to the resignation of Equifax’s chairman and a drop in company stock.

WannaCry and the National Health Services3

The WannaCry ransomware attacks hit countries all over the world, but the UK’s National Health Services (NHS) was devastated from what might have been an avoidable cyberattack. The National Audit Office found that NHS was not following basic IT security processes and, as a result, vulnerabilities in the NHS systems quickly became apparent. Numerous NHS Trusts were unable to serve patients, hundreds of appointments were cancelled and sensitive patient data feel into the hands of the cyber attackers.


A sophisticated phishing attack on easyJet had the potential to put this budget airline into a tailspin. Nine million accounts were hacked and more than 2,200 of them had their credit card numbers and corresponding CVV codes stolen. One of the secondary worries is that these nine million easyJet customers could soon be receiving phishing emails from the hackers that take them to phony phishing websites in a credential harvesting scam.

When data breaches such as these occur, the data stolen can be easily sold on the dark web. When that happens, the sensitive information and credentials can be used by cybercriminals to apply for loans and obtain credit cards. Many will also use the email addresses in spear phishing campaigns that can rob recipients of hard-earned dollars. Too many businesses are relying on outdated Secure Email Gateways (SEGs) and software programs that offer more promise than performance.

With the recent shift to remote working, UK companies are more vulnerable than ever to email phishing attacks. Investing in the type of technology you need to protect your company from phishing attacks is no longer something you should consider to be optional.   INKY is the industry’s best solution for the security of your email. Cost-effective and powerful, INKY can be implemented quickly, regardless of whether your employees work at the office or remotely. Uniquely effective at catching phishing attacks, INKY uses computer vision, artificial intelligence (AI), and machine learning, to search for signs of fraud. It works on any device- including mobile - and places highly visible warning banners directly in the email.

Based in the US, INKY is growing internationally and becoming a phish-fighting force around the world. Learn more about what INKY can do for your company and schedule a free demonstration today.



INKY® is the emerging hero in the war against phishing. An award-winning cloud-based email security solution, INKY® prevents the most complex phishing threats from disrupting or even immobilizing your company’s day-to-day business operations. Using computer vision, artificial intelligence, and machine learning, INKY® is the smartest investment you can make in the security of your organization. INKY® is a proud winner of the NYCx Cybersecurity Moonshot Challenge and finalist in the 2020 RSAC Innovation Sandbox Competition. Learn more about INKY® or request an online demonstration today.