UK NCSC Suspicious Email Reporting Service Received Over One Million Reports of Scam Emails
The UK National Cyber Security Centre (NCSC) issued a statement saying that it has received reports of over one million phishing emails in the past two months. The scam emails are reported via the relatively new NCSC Suspicious Email Reporting Service which was launched in April of this year.
The phishing email reports are part a service launched as part of the Government’s Cyber Aware campaign. Anyone can forward a suspicious email to NCSC and help stop cyberattacks. Since the service was launched, NCSC has received an average of 16,500 email reports each day. The number of phishing email reports now totals over a million potentially harmful emails. The reports resulted in 10,200 scam links to 3,485 malicious websites being taken offline.
NCSC Chief Executive Officer Ciaran Martin, said, “The kind of scams we’ve blocked could have caused very real harm and I would like to thank everyone who has played their part in helping make the internet safer for all of us.”
The phishing reporting service was launched in April 2020. About one month later on 20 May, NCSC reported that more than 614,000 phishing email containing 1,117 scams and 4,530 malicious URLs has been sent in. Results also show that ten percent of the scams were removed within an hour after they were sent to NCSC and 40 percent were taken down within 24 hours.
Over half of the scam emails contained cryptocurrency investment lures. In these types of scams, investors are promised incredibly high returns in exchange for investing their money. in reality, the cryptocurrency investor never receives anything and their original investment is gone. Cryptocurrencies are very difficult to trace and nearly impossible to recover.
What is the goal of a phishing email?
Malicious cybercriminals send phishing emails to launch harmful attacks against people, companies, or government entities. A phishing email may be used to lead someone to a spoof website that steals personal or financial information. A phishing email may contain harmful attachments, launch malware attacks, or spy on information contained on a device. Often phishing emails are used to collect personal information like job title and place of employment which is used to build profiles The profiles are used in future spear phishing attacks. No matter what the goal of a phishing email is, it can result in identity theft or financial theft if the target follows the messaging containing the email.
How to Report a Phishing Email to NCSC
The NCSC Suspicious Email Reporting Service was co-developed with the City of London Police. Commander Karen Baxter, from the City of London Police said, “Phishing is often the first step in a lot of fraud cases we see. It provides a gateway for criminals to steal your personal and financial details, sometimes without you even realising it, which they can then use to take your money.”
How to Spot a Phishing Email
- The email is from a company you did not subscribe to
- A vendor you have not heard of contacts you
- Your friend or loved one sends an email attachment that you were not expecting
- Messaging in the email urges you to take immediate action to avoid some other consequence like having an account disabled
Even if the email appears to be sent by someone you know or a company that you regularly do business with, be sure to be vigilant for scams. Hackers often use email addresses and names that are very close to names that are familiar to the recipient. They get this personal information from social media profiles and past data breaches. So, your hacker they already know a little bit about the email recipient. For example, the hack may know where the target works or online stores they shop at when they send their first-round phishing email. A common cyber threat tactic is to send a phishing email that contains a password that you have used I legitimate online account. This is supposed proof that the hacker has more information about you. The hackers get this information from compromised websites and data breach information they purchase on the dark web.
For those who stay in hotels frequently or use airports often, get our guide on Cyber Security for Travelers.
How to Stay Secure Online:
- Create a unique and original password for your email
- Create strong passwords using three random words or use a password protection app to help you remember unique passwords that are hard to guess
- Save your passwords in your browser ONLY if you don’t share your phone or laptop with someone else
- Enable two-factor authentication when available
- Update your devices, operating system, and apps as soon as security updates become available
- Back up important data
- Upgrade to a new device to protect your money with security features such as fingerprint login or facial recognition