NCSC significantly expands services to protect UK from record number of online scams

A record number of online scams were removed from the internet last year thanks to the nation’s cyber experts significantly expanding the UK’s defences to push back against fraudsters, it has been revealed today (Tuesday).

Ahead of the opening of its flagship CYBERUK conference, the National Cyber Security Centre - a part of GCHQ – disclosed that more than 2.7 million scam campaigns were stamped out in 2021, nearly four times more than in 2020. 

The rise reflects the expansion of NCSC services to take down additional malicious online content, such as fake celebrity endorsement scams, rather than an increase in scams overall. The work has been complemented by reports from the public of suspicious emails, texts and websites, which have enabled the NCSC to remove even more scams.

The celebrity scams and bogus extortion emails were the most commonly removed but other themes used by scammers included NHS vaccines and vaccine passports and even in one instance impersonating the CEO of the NCSC Lindy Cameron.

The findings represent some of the highlights in 2021 of the NCSC’s Active Cyber Defence programme, a pioneering initiative which prevents millions of cyber attacks from reaching UK citizens, critical infrastructure providers and organisations every year.

The highlights will be discussed at the NCSC’s CYBERUK conference which starts today at the ICC in Wales – the first in-person gathering of the event in three years. Other issues likely to feature heavily on the conference agenda are the international cyber security response to Russia’s invasion of Ukraine and the ongoing threat from ransomware.  

Lindy Cameron, CEO of the NCSC said,

“As we kick off CYBERUK, the latest ACD figures shine a light on how the NCSC has responded to emerging cyber threat trends and security issues to keep the UK safe at scale.

“We know that scammers will go to great lengths and indeed my name has been used to try to trick people, but as we continue to expand our defences we can see the tangible impact this is having.

“I look forward to discussing common approaches to boosting cyber resilience in the coming days at CYBERUK as we explore how to drive forward a whole-of-society approach to cyber security.”

Dr Ian Levy, NCSC Technical Director, said:

“Over the past five years, our Active Cyber Defence programme has been central to preventing millions of cyber attacks from causing harm to the UK.

“The highlights shared today evidence some of the crucial interventions we made last year to take down online threats, deter attackers and improve our collective cyber resilience. We will publish the full annual report on our website in due course.

“As ACD continues to grow and innovate, we strongly encourage the private sector to work even more closely with us to enhance the effectiveness of our services to take down and block malicious websites.”

In 2021, the ACD programme continued to help the UK stay safe online during the COVID-19 pandemic while boosting the country’s collective cyber resilience.

The NCSC removed more than 1,400 NHS-themed phishing campaigns last year – an 11-fold increase on 2020 – as scammers tried to trick people with fake messages about the vaccine rollout and certificates.

Meanwhile, in one scam taken down, a scammer claiming to be NCSC CEO Lindy Cameron sent an email informing the recipient that the NCSC had stopped £5 million of their money being stolen and to get the funds back they were required to reply with personal information.

The overall increase in scam removals was largely due to the Takedown Service expanding to take down additional types of malicious online content over a prolonged period of time. 

Alongside the removal of malicious online content, other key highlights from the fifth year of ACD’s operations include:

• More than 1.2 million domains linked with the Android malware Flubot were blocked – this malware was distributed to the public via ‘missed delivery’ scams
• 33 million events were flagged to organisations signed up to our Early Warning service, indicating something potentially malicious or vulnerable was on their systems. The service grew to more than 4,600 customers by the end of 2021.
• A milestone 10,000 users around the world was reached for the Exercise in a Box toolkit – a service which helps organisations practise their response to a cyber incident.

Fostering a ‘whole-of-society approach’ to cyber security is a central theme of this year’s CYBERUK being delivered across a range of panels, sessions and interactive workshops.

More than 1,500 attendees from industry, academia and government are set to participate in the first in-person summit since the pandemic where the community will share their expertise and experiences, and hear from leading cyber experts from around the world.

Following the success of last year’s CYBERUK conference online, the keynote speakers will also be streamed on the CYBERUK YouTube channel for a wider audience.

The latest ACD findings will be contained in the fifth year report, which will be published shortly. Last month, the NCSC announced all UK schools can now sign up for two ACD services – Mail Check and Web Check – to help them boost their email and web security.