The National Cyber Security Centre (NCSC) in the UK launched a suspicious email reporting service (SERS) to the public, and the results were immediate: more than 80 web campaigns were shut down after just one day.
Cybercriminals are opportunistic, which means they’ll use any situation to create an advantage. And it’s impossible to find a more obvious avenue for criminals to exploit than the current COVID-19 epidemic.
A wave of phishing campaigns sprouted out of nowhere, promising cures, tricking people into donating money to fake causes, and spreading malware in malicious attachments. The growth of the phenomenon forced the authorities to take action, and the NCSC launched a new Cyber Aware campaign, asking the public for help.
In a single day, more than 5,000 suspicious emails were flagged and reported, which resulted in 83 online scams being terminated. As more and more people become aware of the service, the number of phishing campaigns taking advantage of the epidemic should fall considerably.
“The immediate take-up of our new national reporting service shows that the UK is united in its defence against callous attempts to trick people online,” said NCSC Chief Executive Officer Ciaran Martin. “While we have not seen a rise in email scams in the last month, coronavirus is the top lure currently used to conduct cybercrime, exploiting public unease and fear of the pandemic.”
Users only have to forward the suspicious emails, including the ones claiming to offer support related to coronavirus, to email@example.com, and the validity of the emails and websites is tested automatically.
Bitdefender’s own telemetry showed a drastic increase in March, with the number of COVID-19-themed phishing emails rising fivefold since February. But, with the help of the public and a little user awareness, those numbers could drop sharply.
As always, users should never open emails or attachments coming from people they don’t know. Keep in mind that official information about possible cures, donations, or medication for COVID-19 is not sent through emails by health authorities.