The National Cyber Security Centre (NCSC) saw the number of malicious websites it removed increase 15-fold last year.
As part of the group’s Takedown Service, the NCSC removed over 700,000 campaigns, amounting to almost 1.5 million URLs in 2020. By comparison, in 2019, the centre took down around 45,000 campaigns and over 190,000 URLs.
To increase the scope of its campaigns, the NCSC invested in a wider set of takedown measures during 2020, allowing it to address different types of campaigns.
According to the NCSC, there were several common themes across the different scams. Among the most popular were fake celebrity endorsement scams, with the NCSC recording 286,213 campaigns and 731,080 URLs. Fake shops were also popular, seeing 139,522 campaigns and 222,353 URLs.
However, the NCSC said there was also a decrease in the percentage of attacks taken down within 24 hours, from 64.6% in 2019 to 55.5% in 2020.
According to the NCSC, the group took down more scams in the last year than in the previous three years combined.
The takedowns formed part of the NSCS’s Active Cyber Defence (ACD) programme, with the statistics revealed in the NCSC’s recently released fourth annual ACD report. The programme was expanded in reaction to the coronavirus pandemic and the subsequent increase of cyberattacks and scams across 2020 and 2021.
As part of this expansion, the NCSC introduced the Suspicious Email Reporting Service in April 2020. This received nearly 4 million reports of suspect emails from members of the public over the course of the year. This resulted in over 26,000 scams not previously identified by the Takedown Service being removed.
In addition, the ACD detected 122 phishing campaigns using NHS branding, compared to 36 in 2019. The centre also said that attempts to clone part of the gov.uk website were identified and prevented in December last year.
In total, over 11,000 UK-government-themed phishing campaigns were taken down in 2020, twice the figure from 2019. The group warned that Her Majesty’s Revenue and Customs was the UK government brand most used in phishing attempts.
According to Technical Director of the NCSC Dr Ian Levy: “The ACD programme is truly a collaborative effort, and it’s thanks to our joint efforts with partners both at home and internationally that we’ve been able to significantly ramp up our efforts to protect the UK.
“This has never been more important than in the last year, where it was vital for us to do everything we could to protect our most critical services and the wider public during the pandemic.
“The bold defensive approach taken by the ACD programme continues to ensure our national resilience and so I urge public bodies, companies and the general public to sign up to the services available to help everyone stay safe online.”
Recommended
- DIGIT Startup Q&A: Jenifer Clausell-Tormos, Founder & CEO of Develop Diverse
- Apprentice Employer of the Month | Servelec
- Sports video content startup Recast completes £5.9m Series A round
Senior Manager of Security Solutions at cybersecurity company Lookout Hank Schless said: “What’s happening right now is almost equal and opposite of what we saw when the pandemic was starting to rapidly spread at the start of 2020. At that time, attackers built social engineering campaigns that used hooks such as information about the virus’ spread, government aid, and ways to self-monitor to see if you were infected as ways to get people to fall for phishing attacks.
“Now, these same attackers are using fake apps and web pages centered around the vaccine rollout and re-openings to trick people in the exact same way.
“This exemplifies how effective social engineering can be – especially when there’s a widespread global event that people are uncertain about. Thirst for information about something as frightening as a pandemic causes people to exercise less caution. Attackers know this and play those emotions to their advantage in order to steal valuable information from anyone. Since we all use our mobile devices for both work and personal reasons, a successful attack could lead to corporate data leakage in addition to personal data being stolen.”