UK Covid-related cybercrime fuels 15-fold rise in scam takedowns

The Guardian logo

The UK’s cybersecurity agency has taken down more scams in the last year than in the previous three years combined, with coronavirus and NHS-themed cybercrime fuelling the increase.

Experts oversaw a 15-fold rise in the removal of online campaigns compared with 2019, according to the National Cyber Security Centre (NCSC).

There was a jump in the number of phishing attacks using NHS branding to dupe victims, with the Covid-19 vaccine rollout used as a lure via email and text message to harvest people’s personal information for fraud.

To continue reading this report in The Guardian, go to:

Also see:

Martin Lewis and Sir Richard Branson’s names most used by scammers
Martin Lewis and Sir Richard Branson are the celebrities whose names are used most in fake endorsement scams, a report has found.

The National Cyber Security Centre (NCSC) removed more than 730,000 websites running the tricks in 2020.

Mr Lewis, founder of the website Money Saving Expert, said the whole issue sickened him.

Experts at the cyber-agency, which is part of intelligence agency GCHQ, say it’s a growing problem.

Fifteen times more online scams stamped out as cyber experts moved to protect UK during pandemic [news release]

  • National Cyber Security Centre (NCSC) reveals how Active Cyber Defence (ACD) programme was used to protect public and NHS
  • Expansion of ACD among range of ways NCSC adapted to support UK during coronavirus pandemic
  • Details revealed in a new report ahead of first-ever virtual CYBERUK

CYBER security experts in the UK have overseen a massive fifteen-fold increase in the number of scams removed from the internet, a new report reveals today (Monday).

The National Cyber Security Centre – a part of GCHQ – disclosed it had taken down more scams in the last year than in the previous three years combined as the organisation moved to further protect the UK public and critical services such as the NHS during the coronavirus pandemic.

The findings were contained in the fourth annual report on the NCSC’s Active Cyber Defence programme, a pioneering service which protects the UK from millions of cyber attacks and which was expanded during 2020.

The report was released ahead of the NCSC’s annual CYBERUK gathering, which this year for the first time will be hosted entirely online, enabling wider participation than ever before.

A major focus for the two-day event, which begins tomorrow (Tuesday) and features a host of expert speakers from around the world, will be on how the NCSC and cyber security industry has responded to the pandemic.

The NCSC response included the introduction of the hugely successful Suspicious Email Reporting Service, a new feature of the ACD programme launched in April 2020 which received nearly 4 million reports of suspect emails from members of the public last year alone.

The organisation also worked with allies to call out hostile state activity and last year exposed Russian attacks on coronavirus vaccine development.

And to help ensure young people were able to continue learning valuable cyber security skills the NCSC moved its CyberFirst courses online for the first time, leading to record numbers of sign-ups.

Lindy Cameron, NCSC CEO, said:

“As the cyber security community prepares to gather for CYBERUK, the ACD report offers a helpful insight into just some of the ways the NCSC has adapted to protect the UK during the pandemic.

“Whether it has been protecting vital research into the vaccine or helping people work from home securely, the NCSC has worked with partners to protect the digital homeland during this unprecedented period.

“I look forward to hearing from thought-leaders at CYBERUK as we reflect on this period and look ahead to building a resilient and prosperous digital UK after the pandemic.”

Dr Ian Levy, Technical Director of the NCSC, added:

“The ACD programme is truly a collaborative effort, and it’s thanks to our joint efforts with partners both at home and internationally that we’ve been able to significantly ramp up our efforts to protect the UK.

“This has never been more important than in the last year, where it was vital for us to do everything we could to protect our most critical services and the wider public during the pandemic.

“The bold defensive approach taken by the ACD programme continues to ensure our national resilience and so I urge public bodies, companies and the general public to sign up to the services available to help everyone stay safe online.”

The latest ACD report highlights how the NCSC used its Takedown Service to protect the public from scams including fake celebrity endorsement scams and bogus Covid vaccines adverts.

The report showed that in the last year more than 700,000 online scams totalling 1.4 million URLs were removed by the NCSC – a massive increase on previous years due largely to the expansion of the Takedown Service.

One particular area of focus for ACD last year was protecting the NHS, and the report detailed efforts to monitor for attacks that sought to harvest NHS credentials and potentially compromise critical systems. In 2020 ACD detected 122 phishing campaigns using NHS branding, compared to 36 in 2019.

Among the lures were those using the COVID-19 NHS vaccine rollout, the first of which was picked up in December. Others included fake or unofficial copies of the NHS Test and Trace mobile app, with the removal of 43 instances of NHS apps hosted and available for download outside of the official Apple and Google app stores.

Beyond the NHS, other areas protected included TV Licensing, which saw a surge in attacks that corresponded with news of changes to TV Licensing entitlements for UK pensioners during July 2020.

And while the overall level of Brexit-themed UK government phishing was low during 2020, attempts to clone part of the website were identified in December. The attack was taken down promptly and relevant departments notified.

Introduced by the NCSC in 2016, the ACD programme includes a number of services which are designed to protect the UK from different online threats. Services include Mail Check, Web Check, Protective DNS, Exercise in a Box and the Suspicious Email Reporting Service.

Other key figures and findings for 2020 from the ACD Fourth Year report include:

  • More than 11,000 UK-government-themed phishing campaigns were taken down – more than double the 2019 figure.
  • The Suspicious Email Reporting Service was launched in April 2020, and received nearly 4 million reports by year-end, leading to the removal of over 26,000 scams not previously identified by the Takedown Service. The latest figures can be found on the NCSC website.
  • The most phished UK government brand was Her Majesty’s Revenue and Customs (HMRC).

A pre-recorded session about ACD services and how they help defend the UK from cyber threats will be available during CYBERUK.

The report also comes ahead of the launch of a new online service which alerts organisations to potential cyber attacks affecting their networks.

The new Early Warning service is designed to help organisations defend against cyber attacks by providing timely notifications about possible incidents and security issues and will be launched during CYBERUK.

Active Cyber Defence (ACD) – the fourth year – the report

The year four report covers 2020 and aims to highlight the achievements and efforts made by the Active Cyber Defence programme.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.