With over 5,000 suspected emails flagged and more than 80 malicious campaigns taken down, NCSC’s Suspicious Email Reporting Service (SERS) is a success on its launch day itself. The service was launched on Tuesday, April 21, 2020, as part of Cyber Aware campaign, to keep a check on the fake COVID-19-related messages duping people with online scams.
NCSC’s Suspicious Email Reporting Service has been co-developed with the City of London Police. SERS acts as a reporting system for U.K.’s general public but more so, provides U.K. police live time analysis and reports, and helps identify new patterns of online scams and frauds.
The immediate take-up of our new national reporting service shows that the U.K. is united in its defense against callous attempts to trick people online. While we have not seen a rise in email scams in the last month, coronavirus is the top lure currently used to conduct cybercrime, exploiting public unease and fear of the pandemic. We hope the success of the Suspicious Email Reporting Service deters criminals from such scams.
– Ciaran Martin, NCSC Chief Executive Officer
The SERS builds on NCSC’s existing takedown services, which has already removed more than 2,000 online scams related to Coronavirus in the month of March, including:
- 471 fake online shops selling fraudulent coronavirus related items
- 555 malware distribution sites
- 200 phishing sites exfiltrating personal information such as passwords or credit card details
- 832 advance-fee frauds
However, since reporting of these emails contains sharing of critical information of the reporter, there was a sense of concern among the common public. This concern has been resolved by NCSC as they highlighted how they treat the security of the data and with whom the data can be shared in the following ways:
- NCSC protects all the information shared with them as confidential information. It is stored securely, with strict access control.
- Under strict control, the information can however be shared with Law Enforcement agencies, such as the National Crime Agency (NCA) and the City of London Police, to help investigate, identify and mitigate malicious cyber activities.
- This bit of information is also exempted from Freedom of Information (FoI) requests.