15 times more online scams stamped out as cyber experts moved to protect the UK during pandemic

A new report published on Monday 10 May 2021 reveals that cyber security experts in the UK have overseen a massive fifteen-fold increase in the number of scams removed from the internet.

The National Cyber Security Centre (NCSC) disclosed it had taken down more scams in the last year than in the previous three years combined as the organisation moved to further protect the UK’s public and critical services such as the NHS during the coronavirus pandemic.

The findings were contained in the fourth annual report on the NCSC’s Active Cyber Defence (ACD) programme, a pioneering service which protects the UK from millions of cyber attacks and which was expanded during 2020. Introduced by the NCSC in 2016, the ACD programme includes several services which are designed to protect the UK from different online threats.

The NCSC’s response to the pandemic, which will be explored more in this month’s CYBERUK gathering, included the introduction of the hugely successful Suspicious Email Reporting Service. This new feature of the ACD programme, launched in April 2020, received nearly 4 million reports of suspect emails from members of the public last year alone, leading to the removal of over 26,000 scams not previously identified by the Takedown Service. The latest figures can be found on the NCSC website.

The organisation also worked with allies to call out hostile state activity and last year exposed Russian attacks on coronavirus vaccine development. And to help ensure young people were able to continue learning valuable cyber security skills the NCSC moved its CyberFirst courses online for the first time, leading to record numbers of sign-ups.

The report also highlights how the NCSC used its Takedown Service to protect the public from scams including fake celebrity endorsement scams and bogus Covid vaccines adverts. Indeed, in the last year more than 700,000 online scams totalling 1.4 million URLs were removed by the NCSC – a massive increase on previous years due largely to the expansion of the Takedown Service.

One particular area of focus for ACD last year was protecting the NHS, and the report detailed efforts to monitor for attacks that sought to harvest NHS credentials and potentially compromise critical systems. In 2020 ACD detected 122 phishing campaigns using NHS branding, compared to 36 in 2019. Other areas protected included TV Licensing, which saw a surge in attacks that corresponded with news of changes to TV Licensing entitlements for UK pensioners during July 2020.

Other key figures and findings for 2020 from the ACD Fourth Year report include:

• More than 11,000 UK-Government-themed phishing campaigns were taken down – more than double the 2019 figure.
• The most phished UK Government brand was Her Majesty’s Revenue and Customs (HMRC).

The report also comes ahead of the CYBERUK 2021 launch of a new online Early Warning service which designed to help organisations defend against cyber attacks by providing timely notifications about possible incidents and security issues.

You can read more about the report here.