The National Cyber Security Center has launched the Suspicious Email Reporting Service: a new email address to report scams to a government department that could actually do something about it.
The cybersecurity service, an offshoot of the listening agency GCHQ, said that it had set up an “automated program” which “will immediately test the validity of the site” if it is mentioned in a phishing e-mail .
“All sites found to be fraudulent will be immediately removed,” said the NCSC.
To make use of it, simply email it to email@example.com.
Lest it look a little too much like widely ridiculed Action Fraud organization, NCSC added: “If people have lost money, they need to tell their bank and report it to Action Fraud as a crime, but the new suspicious email reporting service will provide automated service to people who report what they think is a suspicious email. “
Google: We have blocked 126 million COVID-19 phishing scams in the past week
The NCSC bragged this morning that its “existing withdrawal services” had already removed more than 2,000 COVID-19-related online scams in the past month, including hundreds of fake online stores selling related items to fraudulent coronaviruses, malware distribution sites, phishing sites “personal information such as passwords or credit card details” and more than 800 “fraud in advance”, ie “when a large sum of money is promised in exchange for a set-up payment”.
Ciaran Martin, Director General of the NCSC, said in a canned statement:
“With greater use of technology, there are different ways in which attackers can harm us all. But everyone can help stop them by following the guidance campaign we launched today. But even with the best security in place, some attacks will still pass. This is why we have created a new national service to report suspicious emails – and if they are linked to malicious content, they will be deleted or blocked. By sending us messages, you will protect the UK against email scams and cybercrime. “
The NCSC has also reiterated its advice on cybersecurity, including exhortations to use separate passwords for separate online accounts, to use a password manager (including that of your browser if you have not don't want to pay for a commercial service), use multi-factor authentication and install patches and updates as soon as they are available. ®
Webcast: Build the Next Generation of Your Business in the Public Cloud