NCSC received one million scam email reports in just two months
Fake cryptocurrency investment lures comprised more than half of the reported email scams
The National Cyber Security Centre (NCSC)'s Suspicious Email Reporting Service received more than one million reports of scam emails in just two months.
The NCSC reported that, out of the 16,500 emails it received every day, more than half were fake cryptocurrency investment lures, which typically scam victims by promising high returns in exchange for making purchases of digital currency, often Bitcoin.
Other recurring scams reported to the NCSC included fake online shops, which have increased in popularity over the coronavirus pandemic, as well as emails from cyber criminals posing as TV Licensing, HMRC, Gov.uk and the DVLA.
Overall, the one million reported scams contained 10,200 malicious URLs linking to 3,485 individual sites, which have since been removed by the NCSC.
According to the latest figures shared by the government agency, one in ten of the scams were removed within an hour of an email being reported, while 40% were taken down within a day of a report.
The Suspicious Email Reporting Service, which was launched in April after being co-developed with the City of London Police, allows the public to flag suspect emails linking to fraudulent websites by simply forwarding them to email@example.com.
NCSC CEO Ciaran Martin issued a statement thanking “everyone who has played their part in helping make the internet safer for all of us”.
“Reaching the milestone of one million suspicious emails reported is a fantastic achievement and testament to the vigilance of the British public,” he said.
Commenting on the NCSC’s announcement, Mimecast’s head of Threat Intelligence Analysis, Phillip Hay, urged security leaders to “invest in a strategy that builds resilience moving at the same pace as digital transformation”.
How enterprises are embracing cyber security challenges
Enterprises across Europe, the Middle East and Africa are undergoing a significant transformationDownload now
“This means organisations must apply a layered approach to email security, one that consists of attack prevention, security awareness training, roaming web security tied to email efficacy, brand exploitation protection, threat remediation and business continuity,” he added.
Hay also referred to Mimecast’s recent State of Email Security report, which revealed that “60% of organisations believe it’s inevitable or likely they will suffer from an email-borne attack in the coming year”.
“The same study found that 72% said phishing attacks remained flat or increased in the last 12 months. This is also exacerbated by the coronavirus pandemic, which has led to a real uptick in email-borne attacks. Our research found that detections were up a third during the first 100 days of the pandemic,” said Hay.
Last month, the NCSC published advice aiming to guide SMBs as they navigate the digital terrain, which may be new for many.