The UK’s National Cyber Security Centre (NCSC) has stopped more online scams during the pandemic than the combined total of the previous three years.
COVID and NHS-themed cyber-attacks fuelled the increase. Security experts recorded a 15-fold rise in the removal of online campaigns in 2020 compared to 2019.
The findings were included in the NCSC’s annual Active Cyber Defence (ACD) report which unveils a significant jump in the number of phishing attacks using NHS branding to trick victims.
The COVID vaccine rollout was also used as a lure in email and text messages to gain people’s personal information. Also, over 40 fake COVID apps were taken down by the NCSC.
The Active Cyber Defence programme has a ‘Suspicious Email Reporting’ service which has been very successful since its launch in April 2020. It received nearly four million reports of malicious emails from members of the public in its first year.
The NSCS also worked with a number of other bodies to highlight hostile state activity – including helping to expose Russian attacks on COVID vaccine facilities.
Dr Ian Levy, the NCSC’s technical director, said: “The ACD programme is truly a collaborative effort and it’s thanks to our joint efforts with partners both at home and internationally that we’ve been able to significantly ramp-up our efforts to protect the UK.”
In a separate report, cyber security company Kaspersky has warned about vaccine-related scams increasing in 2021.
The cyber security company said its experts discovered various types of phishing pages distributed all over the world. As well as spam letters, recipients are being invited to get a vaccine, to take part in a survey, or are offered products to diagnose and treat the virus. Again, these are often NHS-branded attempts that aim to steal personal information for fraudulent purposes.
Tax office scams
According to the NSCS’s report, HM Revenue & Customs (HMRC) remains the most copied ‘brand’ used by fraudsters with more than 4,000 campaigns by cyber hackers.
Next in number is the gov.uk website followed by TV Licensing. Overall, more than 700,500 campaigns were taken down, accounting for 1,448,214 URLs.
Another problem highlighted was endorsement scams which falsely claim to be supported by celebrities such as Sir Richard Branson and Martin Lewis. Others carried UK newspaper branding.
Gary Jowett, from Computer & Network Consultants (CNC) in Brighton, said: “Pandemic-related online scams are no surprise, but the sheer volume of attacks suggests the cyber criminals have spotted a chink in the armour of many people’s cyber defences because they’re possibly reaping more results from this theme than other online scams. It is vital that all businesses continually remind their employees to be wary of these fraudulent approaches because, in an age of social media, people can become trigger happy when reacting to digital contact. Thinking before reacting is so essential. Unless regular reminders are issued, a thoughtless click on a link in an email purporting to be from a trusted organisation could unleash another form of virus into the veins of your company’s network, with fatal consequences.”