The UK’s leading security agency removed nearly three million scams from the internet last year as it expanded its capabilities, it was revealed today.
The National Cyber Security Centre (NCSC) shared the most recent data from its latest Active Cyber Defence (ACD) initiative ahead of today’s flagship CYBERUK summit.
It claimed to have neutralized 2.7 million scams in 2021, including fake celebrity endorsements and bogus extortion emails. Other fraud campaigns used common themes, including NHS vaccines and vaccine passports.
Threat actors even impersonated NCSC CEO Lindy Cameron in an email informing the recipient that the NCSC had stopped £5m of their funds being stolen. Victims were urged to reply with personal information to get the money back.
The figure for scam takedowns was nearly four times greater than the NCSC’s 2020 activity, thanks to an expansion of the ACD program’s highly successful Takedown Service.
This originally focused on UK government “brands” and relies on spam and phishing scams and a Suspicious Email Reporting Service where organizations are urged to forward any scam emails to the NCSC. The NCSC then works with hosting providers to remove any sites and infrastructure identified as malicious.
The ACD initiative scored some other notable wins over the past year, such as blocking over 1.2 million domains linked with Android Flubot malware, which was distributed via “missed delivery” scams.
In addition, some 33 million organizations signed up to the NCSC’s Early Warning service were notified of something potentially malicious or vulnerable on their networks. The service had reportedly grown to 4600 customers by the end of last year.
Over 10,000 organizations tried the NCSC’s Exercise in a Box toolkit designed to enhance incident response.
NCSC technical director, Ian Levy, argued that the ACD has prevented millions of attacks from harming the UK for five years.
“The highlights shared today evidence some of the crucial interventions we made last year to take down online threats, deter attackers and improve our collective cyber resilience,” he added.
“As ACD continues to grow and innovate, we strongly encourage the private sector to work even more closely with us to enhance the effectiveness of our services to take down and block malicious websites.”