NCSC received one million scam email reports in just two months

Fake cryptocurrency investment lures comprised more than half of the reported email scams

The National Cyber Security Centre (NCSC)'s Suspicious Email Reporting Service received more than one million reports of scam emails in just two months. 

The NCSC reported that, out of the 16,500 emails it received every day, more than half were fake cryptocurrency investment lures, which typically scam victims by promising high returns in exchange for making purchases of digital currency, often Bitcoin.

Other recurring scams reported to the NCSC included fake online shops, which have increased in popularity over the coronavirus pandemic, as well as emails from cyber criminals posing as TV Licensing, HMRC, Gov.uk and the DVLA. 

Overall, the one million reported scams contained 10,200 malicious URLs linking to 3,485 individual sites, which have since been removed by the NCSC.

According to the latest figures shared by the government agency, one in ten of the scams were removed within an hour of an email being reported, while 40% were taken down within a day of a report.

The Suspicious Email Reporting Service, which was launched in April after being co-developed with the City of London Police, allows the public to flag suspect emails linking to fraudulent websites by simply forwarding them to report@phishing.gov.uk.

NCSC CEO Ciaran Martin issued a statement thanking “everyone who has played their part in helping make the internet safer for all of us”.

“Reaching the milestone of one million suspicious emails reported is a fantastic achievement and testament to the vigilance of the British public,” he said.

Commenting on the NCSC’s announcement, Mimecast’s head of Threat Intelligence Analysis, Phillip Hay, urged security leaders to “invest in a strategy that builds resilience moving at the same pace as digital transformation”. 

Related Resource

How enterprises are embracing cyber security challenges

Enterprises across Europe, the Middle East and Africa are undergoing a significant transformation

Download now

“This means organisations must apply a layered approach to email security, one that consists of attack prevention, security awareness training, roaming web security tied to email efficacy, brand exploitation protection, threat remediation and business continuity,” he added.

Hay also referred to Mimecast’s recent State of Email Security report, which revealed that “60% of organisations believe it’s inevitable or likely they will suffer from an email-borne attack in the coming year”.

“The same study found that 72% said phishing attacks remained flat or increased in the last 12 months. This is also exacerbated by the coronavirus pandemic, which has led to a real uptick in email-borne attacks. Our research found that detections were up a third during the first 100 days of the pandemic,” said Hay.

Last month, the NCSC published advice aiming to guide SMBs as they navigate the digital terrain, which may be new for many. 

Featured Resources

The ultimate law enforcement agency guide to going mobile

Best practices for implementing a mobile device program

Free download

The business value of Red Hat OpenShift

Platform cost savings, ROI, and the challenges and opportunities of Red Hat OpenShift

Free download

Managing security and risk across the IT supply chain: A practical approach

Best practices for IT supply chain security

Free download

Digital remote monitoring and dispatch services’ impact on edge computing and data centres

Seven trends redefining remote monitoring and field service dispatch service requirements

Free download

Most Popular

Best Linux distros 2021
operating systems

Best Linux distros 2021

11 Oct 2021
Apple MacBook Pro 15in vs Dell XPS 15: Clash of the titans
Laptops

Apple MacBook Pro 15in vs Dell XPS 15: Clash of the titans

11 Oct 2021
Windows 11 has problems with Oracle VirtualBox
Microsoft Windows

Windows 11 has problems with Oracle VirtualBox

5 Oct 2021