Brian Sims
Editor

HID Global | July 2025 | Skyscraper
HID Global | July 2025 | Skyscraper

HMRC blocks 100 million-plus malicious e-mails amid rising digital threats

Posted to News on Tuesday, April 15, 2025 Share:

HIS MAJESTY’S Revenue and Customs (HMRC) has blocked over 100 million malicious e-mails across the last three years as cyber threats posed against UK Government services continue to escalate.

The data was obtained through a Freedom of Information request, whereby HMRC disclosed detailed figures on the volume of malicious e-mails blocked from November 2021 to September last year. The data shows a sharp rise in cyber attacks, highlighting the growing threat to UK Government services.

According to the data obtained, HMRC blocked 23,751,742 e-mail attacks between November 2021 and October 2022. This figure surged to 40,346,532 between November 2022 and October 2023, followed by 40,903,820 blocked e-mails from November 2023 to September 2024.

Overall, HMRC has blocked 105,002,094 e-mails in the past three years.

Industry comment

Andy Ward, senior vice-president (international) at Absolute Security, commented: “These numbers show just how relentless cyber criminals are when it comes to targeting Government institutions. e-mail remains one of the main ways in which attackers try to break into systems, whether through malware, spam or other tactics designed to exploit vulnerabilities.”

Ward added: “To tackle these threats effectively, organisations need a strong cyber resilience strategy. This means real-time monitoring of systems, advanced threat detection and the ability to act fast when something goes wrong. Security teams need to be able to isolate and shut down compromised systems immediately to stop attacks from spreading.”

In conclusion, Ward stated: “With cyber threats becoming more sophisticated, having the right tools and defences in place is more important than ever in order to protect the UK’s Government Departments.” 

Despite these increasing threats, HMRC has confirmed that changes to its e-mail security systems mean it can no longer categorise e-mail threats by type, such as phishing, malware or spam. This shift in technology makes it more challenging to assess the evolving cyber risks faced by Government.

Relentless nature 

Sawan Joshi, Group director of information security at The FDM Group, explained: “HMRC’s continual efforts to block malicious e-mails show the relentless nature of cyber threats, duly highlighting the need for robust security measures and a highly skilled workforce.”

Joshi added: “Protecting critical systems isn’t just about implementing the right technology. It’s also about having the right expertise in place. Employees must be equipped with the necessary skills to not only detect and respond to threats, but also communicate risks effectively and strengthen business resilience. For organisations, investing in upskilling staff in cyber security training is critical.”

Company Info

Western Business Media.

Dorset House
64 High Street
East Grinstead
RH19 3DE
UNITED KINGDOM

01342 31 4300

[email protected]

Related Topics
Absolute Security
Cyber Attacks
Cyber Security
e-mail
Government
His Majesty’s Revenue and Customs
HMRC
The FDM Group
Related Articles
Latest Webinars
‘The Power of the Cloud’: Streamlining Security Management
The Power of the Cloud: How Cloud Technology Streamlined Security Management
Biometric access control: are fingerprint cards the future?
Biometric access control: are fingerprint cards the future?
Bandweaver signposts webinar on optical fiber for perimeter security
Related Resources
UK bolsters national security with Foreign Influence Registration Scheme.
Security Matters Podcast – Episode 35 now live to view
Security Matters Podcast – Episode 34 now live to view
Latest News
Oprema announces new partnership deal with TP-Link
Foreign Influence Registration Scheme comes into full effect
Midland Alarm Services builds recurring revenue stream with HKC Security

Login / Sign up