NCSC received one million scam email reports in just two months

Fake cryptocurrency investment lures comprised more than half of the reported email scams

The National Cyber Security Centre (NCSC)'s Suspicious Email Reporting Service received more than one million reports of scam emails in just two months. 

The NCSC reported that, out of the 16,500 emails it received every day, more than half were fake cryptocurrency investment lures, which typically scam victims by promising high returns in exchange for making purchases of digital currency, often Bitcoin.

Other recurring scams reported to the NCSC included fake online shops, which have increased in popularity over the coronavirus pandemic, as well as emails from cyber criminals posing as TV Licensing, HMRC, Gov.uk and the DVLA. 

Overall, the one million reported scams contained 10,200 malicious URLs linking to 3,485 individual sites, which have since been removed by the NCSC.

According to the latest figures shared by the government agency, one in ten of the scams were removed within an hour of an email being reported, while 40% were taken down within a day of a report.

The Suspicious Email Reporting Service, which was launched in April after being co-developed with the City of London Police, allows the public to flag suspect emails linking to fraudulent websites by simply forwarding them to report@phishing.gov.uk.

NCSC CEO Ciaran Martin issued a statement thanking “everyone who has played their part in helping make the internet safer for all of us”.

“Reaching the milestone of one million suspicious emails reported is a fantastic achievement and testament to the vigilance of the British public,” he said.

Commenting on the NCSC’s announcement, Mimecast’s head of Threat Intelligence Analysis, Phillip Hay, urged security leaders to “invest in a strategy that builds resilience moving at the same pace as digital transformation”. 

Related Resource

How enterprises are embracing cyber security challenges

Enterprises across Europe, the Middle East and Africa are undergoing a significant transformation

Download now

“This means organisations must apply a layered approach to email security, one that consists of attack prevention, security awareness training, roaming web security tied to email efficacy, brand exploitation protection, threat remediation and business continuity,” he added.

Hay also referred to Mimecast’s recent State of Email Security report, which revealed that “60% of organisations believe it’s inevitable or likely they will suffer from an email-borne attack in the coming year”.

“The same study found that 72% said phishing attacks remained flat or increased in the last 12 months. This is also exacerbated by the coronavirus pandemic, which has led to a real uptick in email-borne attacks. Our research found that detections were up a third during the first 100 days of the pandemic,” said Hay.

Last month, the NCSC published advice aiming to guide SMBs as they navigate the digital terrain, which may be new for many. 

Featured Resources

Choosing a collaboration platform

Eight questions every IT leader should ask

Download now

Performance benchmark: PostgreSQL/ MongoDB

Helping developers choose a database

Download now

Customer service vs. customer experience

Three-step guide to modern customer experience

Download now

Taking a proactive approach to cyber security

A complete guide to penetration testing

Download now

Most Popular

Microsoft is submerging servers in boiling liquid to prevent Teams outages
data centres

Microsoft is submerging servers in boiling liquid to prevent Teams outages

7 Apr 2021
How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

8 Apr 2021
Roadmap 2021: What’s coming from 3CX
Advertisement Feature

Roadmap 2021: What’s coming from 3CX

30 Mar 2021