The National Cyber Security Centre (NCSC) of the United Kingdom revealed that it prevented a major Phishing Scam that tried to defraud thousands of people using a fake email from one of the UK airports.
NCSC has not revealed the name of the airport. However, stated that the failed email scam involved sending 200,000 emails to the public asking them to pay a fee in order to receive a refund.
In its report dubbed Active Cyber Defence (ACD), the NCSC stated the attackers used a fake gov.uk address to trick the users. But the messages were prevented from reaching their targets. The ACD program, which is intended to improve the security of the UK public sector and the cyber ecosystem, had stopped 140,000 separate phishing attacks and taken down 190,000 fraudulent sites, according to the report.
The U.K. Information Commissioner’s Office (ICO) recently fined British Airways with £183.39 million ($230 million) after the airline failed to protect its customers’ data. The proposed fine relates to a data breach notified to the ICO by British Airways in September 2018, that exposed around 500,000 customers’ personal information.
The ICO said its investigation found that the breach compromised customer details, including login, payment card, name, address, and travel booking information which is collected after being diverted to a fraudulent website. The data breach, which began in June 2018, occurred due to the poor security measures to protect customer information, ICO stated.
British Airways made an announcement regarding the breach on September 6, 2018. It notified its customers that “From 22:58 BST August 21, 2018, until 21:45 BST September 5, 2018, inclusive, the personal and financial details of customers making or changing bookings on our website and app were compromised.” Around 380,000 payment-card details were stolen during the period. The airline has notified the police and investigations are underway. The airlines also assured that it will compensate for all the losses to its customers.