As the number of cyber criminals targeting remote workers grows, the National Cyber Security Centre (NCSC) has kicked off a new effort to encourage people to report suspicious emails in an attempt to crack down on fraudsters and phishing scams.
The coronavirus pandemic has led to record numbers of organisations requiring people to work from home – and in many cases, those employees haven’t had any previous experience of working remotely and could be unaware of some of the potential security risks.
Cyber criminals have been quick to pick up on this, with a string of attacks designed to exploit confusion around the sudden shift to home working to help steal passwords and login details or steal sensitive corporate information.
SEE: Cybersecurity: Let’s get tactical (ZDNet/TechRepublic special feature) | Download the free PDF version (TechRepublic)
Now the NCSC, along with the Home Office, the Cabinet Office, the Department for Digital, Culture, Media and Sport (DCMS) and the City of London Police, has launched a ‘Suspicious email reporting service’ for members of the public to alert the authorities to potential cyberattacks – whether they’re coronavirus-themed scams or something else.
If the message does contain suspicious links or addresses, then the NCSC says it will be taken down. The data will also be analysed to try to identify patterns and more quickly takedown new scam websites.
This new initiative aims to build on the existing takedown services, which have already removed more than 2,000 online scams related to coronavirus in the last month, including 471 fake online shops selling fraudulent coronavirus-related items, 555 malware distribution sites, 200 phishing sites and 832 advance-fee frauds, where a large sum of money is promised in return for a set-up payment.
“Technology is helping us cope with the coronavirus crisis and will play a role helping us out of it – but that means cybersecurity is more important than ever,” said NCSC chief executive officer Ciaran Martin.
“That’s why we have created a new national reporting service for suspicious emails – and if they link to malicious content, it will be taken down or blocked. By forwarding messages to us, you will be protecting the UK from email scams and cybercrime.”
Members of the public can alert the authorities to potentially suspicious emails, including those claiming to offer support on COVID-19, to report@phishing.gov.uk.
SEE: Coronavirus-themed phishing attacks and hacking campaigns are on the rise
“As we all stay indoors and spend more time online there is more opportunity for criminals to try and trick people into parting with their money,” said Commender Karen Baxter of City of London Police.
“Law enforcement are working closely with government to ensure the public, and businesses, are as well-equipped as possible to fight online harms.”
The email-reporting service has been launched in conjunction with a campaign that encourages people to stay cyber aware and make it as difficult as possible for criminals to steal and use personal or corporate information from home workers. The six tips – detailed in full on the NCSC website – are:
- Turn on two-factor authentication for important accounts
- Protect important accounts using a password of three random words
- Create a separate password that you only use for your main email account
- Update the software and apps on your devices regularly (ideally set to ‘automatically update’)
- Save your passwords in your browser
- To protect yourself from being held to ransom, back up important data