Phishing scams top UK spy agency’s biggest cyberattacks

Tuesday, 27 February, 2018

Phishing spoofs, where users are invited to click on links to fake websites in an effort to scam them out of their details, still head the UK’s most common cyberattacks.

The National Cyber Security Centre (NCSC) has said it detected and prevented millions of online attacks aimed at the UK’s critical infrastructure, one year since the Active Cyber Defence (ACD) initiative was launched.

12 months ago the NCSC launched four pioneering programs: Web Check, DMARC, Public Sector DNS and a takedown service.

These programmes are free at the point of use and can block fake emails, remove phishing attacks and stop public sector systems being infected by malicious code.

Phishing: How to protect yourself to beat scammers

A report into the work done over the past 12 months lists some of the scam domains containing phishing emails that have now been removed.

Among the top most phished were HMRC, the DVLA, Student Union Loans and the Crown Prosecution Service.

Through the National Cyber Security Centre, the UK has taken a unique approach that is bold and interventionalist, aiming to make the UK an unattractive target to criminals or nation states.

This report shows that simple things, done at scale, can have a positive and measurable effect and the British public should be safer as a result of these measures.

But there is a lot more to be done. The successes we have had in our first year will cause attackers to change their behaviour and we will need to adapt.

- Dr Ian Levy: Technical Director, National Cyber Security Centre

Biggest phishing in UK council email

The NCSC initiative has seen a drop in the UK’s share of global phishing attacks down 5.3% with 121,479 sites hosted in the UK and a further 18,067 global sites removed.

There have been more than one million security scans and 7 million security tests carried out on public sector websites.

The initiative boasts they have blocked 4.5 million malicious emails a month.

Takedown times for sites pretending to be from the government came down from 42 hours to just 10 and there was a significant fall of scam emails from a bogus @gov.uk address such as taxrefund@gov.uk.

Among the organisations who have been the most effective at defending themselves from malicious attempts were local authorities.

Honourable mention goes to to Northumberland County Council which stopped 59,405 attempts, Cardiff Council with 31,728 and Denbighshire County Council with 25,627.

MAIN IMAGE: Lee Jordan/CC BY-SA 2.0

Tim Bamford author picture

By:

Tim is a veteran freelance journalist writing extensively on internet news and cybersecurity.

News What's the story?

Keep up with the latest developments in UK broadband.

The rise of cryptocurrency scams: don’t get mugged

The rising interest in Cryptocurrency is leaving consumers vulnerable to scams.

The rise of cryptocurrency scams: don’t get muggedThe rise of cryptocurrency scams: don’t get mugged Read more

Hyperoptic welcomes new investment from KKR.

Leading global investment firm acquires the majority stake of UK ISP Hyperoptic after they announce plans to quadruple fibre coverage.

Read more

Post Office officially the UK’s cheapest broadband deal

The latest victory in the price wars goes to Post Office with an amazing introductory offer for just over £15 a month!

Read more

Plusnet price hike warning

Incoming broadband and phone price rises before Christmas

Read more

Help Learn with us

Make the most of the internet with our broadband library.

Search engine alternatives to Google

Are there other options or is Google a search monopoly?

Search engine alternatives to GoogleSearch engine alternatives to Google Read more

The top online scams affecting Millenials – and how to avoid them!

Cybercrime is becoming more sophisticated every year - here are the current most frequent scams affecting millennials!

Read more

Is your faster broadband fast enough?

Read more

The differences between uploads and downloads

Read more