NCSC

NCSC Launches ‘Cyber Aware’ campaign – Report Phishing email scams

Finally, a way to report all those maliscious email you get every day

The National Cyber Security Centre (NCSC), a part of GCHQ, has today launched a  ‘Cyber Aware’ campaign promoting behaviours to mitigate threats and created a scam reporting service for people to flag suspicious emails for the NCSC to assess and take down malicious content.

Cyber criminals love phishing. Unfortunately, this is not a harmless riverbank pursuit. When criminals go phishing, you are the fish and the bait is usually contained in a scam email or text message.

The criminal’s goal is to convince you to click on the links within their scam email or text message, or to give away sensitive information.

These messages may look like the real thing but are malicious. Once clicked, you may be sent to a dodgy website which could download viruses onto your computer, or steal your passwords.

The NCSC has also today launched the ‘Suspicious Email Reporting Service’, which will make it easy for people to forward suspicious emails to the NCSC – including those claiming to offer services related to coronavirus.

In addition to the broader campaign, the organisation has this morning published specific advice for personal and professional use of video conferencing services, with top tips on setting up your accounts, arranging a chat and protecting your device.

This will build on the organisation’s existing takedown services, which have already removed more than 2,000 online scams related to coronavirus in the last month, including;

  • 471 fake online shops selling fraudulent coronavirus related items
  • 555 malware distribution sites set up to cause significant damage to any visitors
  • 200 phishing sites seeking personal information such as passwords or credit card details
  • 832 advance-fee frauds where a large sum of money is promised in return for a set-up payment

NCSC Chief Executive Officer Ciaran Martin said:

“Technology is helping us cope with the coronavirus crisis and will play a role helping us out of it – but that means cyber security is more important than ever.

“With greater use of technology, there are different ways attackers can harm all of us. But everyone can help to stop them by following the guidance campaign we have launched today. But even with the best security in place, some attacks will still get through.

“That’s why we have created a new national reporting service for suspicious emails – and if they link to malicious content, it will be taken down or blocked. By forward messages to us, you will be protecting the UK from email scams and cyber crime.”

The NCSC’s new guidance on the secure use of video conferencing services builds on a raft of advice published on www.ncsc.gov.uk since the coronavirus outbreak started.

With many people in the UK trying video conferencing for the first time, the advice includes top tips on securely installing the app, creating a strong password and tracking who is joining the chat.

The NCSC also recommends that you do not make meetings public, connect only to people through your contacts or address book – and to never post the link or password publicly.

The Cyber Aware campaign will be delivered by the NCSC working alongside the Home Office, the Cabinet Office and the Department for Digital, Culture, Media and Sport (DCMS) and will aim to help individuals and organisations to protect themselves online.

It urges people to protect their data passwords, the accounts they protect and the devices they use to access them.

The campaign encourages people to ‘Stay home. Stay Connected. Stay Cyber Aware’, and its top tips for staying secure online are;

  1. Turn on two-factor authentication for important accounts
  2. Protect important accounts using a password of three random words
  3. Create a separate password that you only use for your main email account
  4. Update the software and apps on your devices regularly (ideally set to ‘automatically update’)
  5. Save your passwords in your browser
  6. To protect yourself from being held to ransom, back up important data

This Suspicious Email Reporting Service has been co-developed with the City of London Police. By forwarding any dubious emails – including those claiming to offer support related to COVID-19 – to report@phishing.gov.uk, the NCSC’s automated programme will immediately test the validity of the site. Any sites found to be phishing scams will be removed immediately.

As well as taking down malicious sites it will support the police by providing live time analysis of reports and identifying new patterns in online offending – helping them stop even more offenders in their tracks.

Commander Karen Baxter, City of London Police, National Lead for Fraud, said:

“As we all stay indoors and spend more time online there is more opportunity for criminals to try and trick people into parting with their money. 

“Law enforcement are working closely with government to ensure the public, and businesses, are as well-equipped as possible to fight online harms.

“This process will be greatly assisted by the new suspicious email reporting service which empowers the public and enhances police capabilities to step up their response to fraud.

“Officers have already executed a number of warrants across the country to target and disrupt criminals sending emails and texts designed to steal your money.”