April 21, 2020

NCSC wants “herd immunity” against coronavirus email scams

By Robert Scammell

The UK’s National Cyber Security Centre (NCSC) has launched a tool for members of the public to report suspicious emails, in a bid to shield people from a surge in coronavirus email scams and cyberattacks.

The scam email reporting tool is part of the government agency’s wider ‘Cyber Aware’ campaign, which will see members of the public given advice on areas such as protecting passwords, devices and accounts.

Those who have suspicions about an email can forward it to report@phishing.gov.uk, where the NCSC’s automated program will verify its legitimacy and remove sites found to be phishing scams.

So far, the NCSC, a division of GCHQ, has taken down more than 2,000 coronavirus-themed online scams. This includes phishing sites aimed at stealing personal information, fake online shops selling fraudulent coronavirus products and malware distribution sites.

“With greater use of technology, there are different ways attackers can harm all of us,” said NCSC chief executive Ciaran Martin. “But everyone can help to stop them by following the guidance campaign we have launched today. But even with the best security in place, some attacks will still get through.

“That’s why we have created a new national reporting service for suspicious emails – and if they link to malicious content, it will be taken down or blocked. By forwarding messages to us, you will be protecting the UK from email scams and cybercrime.”

Matt Lock, technical director UK at cybersecurity firm Varonis, compares the NCSC public awareness campaign to creating a “herd immunity” among the public against online scams.

“Herd immunity – to borrow a term from the medical community – emphasises vaccines, giving no safe harbour to infectious agents,” he said. “Herd immunity in cybersecurity works in much the same way: as vulnerable targets decrease, the more secure we all are. As a society, we depend on one another to do our part to flatten the curve.

“Now the public is being called on to report criminal activity to decrease the effectiveness of these terrible scams. While not foolproof, it’s an approach that makes sense while offering reminders to individuals to stay alert. An educated herd – a savvy public – does not fall victim to scams, con artists and threats as easily as a naïve public would.”

Criminals pivot to coronavirus email scams

Cybercriminals often capitalise on the latest news to trick victims into parting with cash and personal data. Since the outbreak of the Covid-19 pandemic, cybersecurity firms have observed a surge in attacks that take advantage of people’s fears, as well as the rise in people working remotely and spending more time online during lockdown.

Some 80% of all scams, hacks and cyberattacks observed by security firm Proofpoint are now coronavirus-themed.

“Phishing emails have increased recently and criminals are clearly abusing the pandemic for their own gain. Therefore, we need to work together in supporting each other and helping take down such sites and emails collectively,” said Jake Moore, cybersecurity specialist at internet security firm ESET.

“The NCSC has a difficult challenge on their hands as many people struggle to adopt their advice. Many, for example, are aware of two-factor authentication and how it can vastly reduce the chance of being hacked. However, very few act upon this advice and set it up on all of their accounts. Password managers are another lifesaver which will also help thwart the hackers’ methods of entering your accounts.”

The private sector is also playing its role in combating coronavirus scams. Nominet, the UK’s domain registry, told Verdict that it recently blocked the registration of 1,000 .uk domains related to Covid-19.

Cybersecurity professionals have also been pooling their resources to protect health agencies targeted by coronavirus scammers and cyberattackers.
