In common with many domain registries Nominet relies heavily on email for communication to registrars AND registrants.
Unfortunately they seem to have been the target of some spoofing in recent days
It sounds like they’ve been the victims of a “Joe Job”, where a spammer basically “hijacks” a person or organisation’s domain when sending mails.
Of course the question I have to ask is why on earth Nominet aren’t publishing SPF records. If they did it would help. It wouldn’t eradicate the problem, but it would certainly help mitigate it.
Unfortunately they don’t seem to be publishing any judging by the output of a simple:
dig txt nominet.org.uk
Maybe this recent spate of attacks will lead to a change in policy.