NCSC received one million scam email reports in just two months

The National Cyber Security Centre (NCSC)'s Suspicious Email Reporting Service received more than one million reports of scam emails in just two months.

The NCSC reported that, out of the 16,500 emails it received every day, more than half were fake cryptocurrency investment lures, which typically scam victims by promising high returns in exchange for making purchases of digital currency, often Bitcoin.

Other recurring scams reported to the NCSC included fake online shops, which have increased in popularity over the coronavirus pandemic, as well as emails from cyber criminals posing as TV Licensing, HMRC, Gov.uk and the DVLA.

Overall, the one million reported scams contained 10,200 malicious URLs linking to 3,485 individual sites, which have since been removed by the NCSC.

According to the latest figures shared by the government agency, one in ten of the scams were removed within an hour of an email being reported, while 40% were taken down within a day of a report.

The Suspicious Email Reporting Service, which was launched in April after being co-developed with the City of London Police, allows the public to flag suspect emails linking to fraudulent websites by simply forwarding them to report@phishing.gov.uk.

NCSC CEO Ciaran Martin issued a statement thanking “everyone who has played their part in helping make the internet safer for all of us”.

“Reaching the milestone of one million suspicious emails reported is a fantastic achievement and testament to the vigilance of the British public,” he said.

Commenting on the NCSC’s announcement, Mimecast’s head of Threat Intelligence Analysis, Phillip Hay, urged security leaders to “invest in a strategy that builds resilience moving at the same pace as digital transformation”.

RELATED RESOURCE

How enterprises are embracing cyber security challenges

Enterprises across Europe, the Middle East and Africa are undergoing a significant transformation

FREE DOWNLOAD

“This means organisations must apply a layered approach to email security, one that consists of attack prevention, security awareness training, roaming web security tied to email efficacy, brand exploitation protection, threat remediation and business continuity,” he added.

Hay also referred to Mimecast’s recent State of Email Security report, which revealed that “60% of organisations believe it’s inevitable or likely they will suffer from an email-borne attack in the coming year”.

“The same study found that 72% said phishing attacks remained flat or increased in the last 12 months. This is also exacerbated by the coronavirus pandemic, which has led to a real uptick in email-borne attacks. Our research found that detections were up a third during the first 100 days of the pandemic,” said Hay.

Last month, the NCSC published advice aiming to guide SMBs as they navigate the digital terrain, which may be new for many.

Sabina Weston

Having only graduated from City University in 2019, Sabina has already demonstrated her abilities as a keen writer and effective journalist. Currently a content writer for Drapers, Sabina spent a number of years writing for ITPro, specialising in networking and telecommunications, as well as charting the efforts of technology companies to improve their inclusion and diversity strategies, a topic close to her heart.

Sabina has also held a number of editorial roles at Harper's Bazaar, Cube Collective, and HighClouds.