Support from British businesses crucial in removing over 235,000 scams, new figures reveal


The sixth annual report from Active Cyber Defence (ACD) highlights success of a “whole-of-society" approach in preventing millions of cyber attacks from reaching UK organisations and citizens each year.

  • New report reveals record-breaking 7.1m suspicious emails and websites reported to authorities in 2022 – equivalent to one every five seconds
  • As a result, nearly a quarter of a million malicious website links directly removed from the internet since April 2020
  • Businesses’ sign-ups to NCSC services up 39% in 2022 with launch of SME-specific tool empowering non-technical users to boost resilience

BRITISH BUSINESSES and citizens reported a suspicious email or website every five seconds in 2022, a new report from GCHQ’s National Cyber Security Centre (NCSC) has revealed (Thursday).

7.1 million suspicious emails and URLs were flagged by UK organisations and citizens via the NCSC’s free Suspicious Email Reporting Service (SERS) between January 2022 and December 2022 – the equivalent of nearly 20,000 reports a day.

The reports, many of which came from UK businesses, contributed to the direct removal of nearly a quarter of a million (235,000) malicious URLs from the internet by the NCSC since SERS – the first service of its kind globally – launched in April 2020.

It took less than 6 hours on average for the NCSC to remove reported malicious URLs from the internet.

The finding is one of many insights in the sixth annual report from Active Cyber Defence (ACD), a cornerstone programme from the NCSC which takes a “whole-of-society” approach to cyber crime and prevents millions of high-volume cyber attacks from ever reaching UK organisations and citizens each year.

Jonathon Ellison, NCSC Director for National Resilience and Future Technology, said:

“In a cyber threat environment that resembles the Hydra – cut down one attack, another springs up in its place – ACD is once again doing unparalleled work to keep the country safe.“As this latest report shows, cyber security is not the sole preserve of tech specialists: businesses are increasingly alive to and eager to engage with the cyber risks they face, signing up in swathes to make the most of NCSC data and expertise.

“Small businesses have a key role to play in making it safer to work and live online, which is why we’re making it even easier for them to shore up their defences with accessible, free tools and soon, to manage these effortlessly via our integrated MyNCSC platform.”

Businesses’ growing appetite for cyber security in 2022 led to 39% more organisations signing up for ACD’s free services which are designed to empower users without specialist knowledge or a dedicated security function at work to boost their cyber resilience.

Small businesses constitute 99% of the UK’s business ecosystem and are hence indispensable to national prosperity. They also, however, face a unique set of behavioural barriers, financial pressures and competing priorities to achieving robust cyber security, often not having the expertise or allocated resource to give cyber due attention.

Read more on the NCSC website