The UK’s National Cyber Security Centre (NCSC), part of GCHQ, has taken down more than 2,000 online coronavirus scams in the last month.
NCSC said this included 471 fake online shops that were selling fraudulent virus-related items. It coincides with the launch of a cross-governmental ‘Cyber Aware’ campaign offering advice for people to protect passwords, accounts and devices.
In addition to the broader campaign, the organisation has also issued new guidance on the secure use of video conferencing services, building on a raft of advice published on www.ncsc.gov.uk since the coronavirus outbreak started.
With many people in the UK trying video conferencing for the first time, the advice includes top tips on securely installing the app, creating a strong password and tracking who is joining the chat.
The Cyber Aware campaign will be delivered by the NCSC working alongside the Home Office, the Cabinet Office and the Department for Digital, Culture, Media and Sport (DCMS) and will aim to help individuals and organisations to protect themselves online.
It urges people to protect their data passwords, the accounts they protect and the devices they use to access them. The campaign encourages people to ‘Stay home. Stay Connected. Stay Cyber Aware’.
The NCSC has also today launched a ‘Suspicious Email Reporting Service’, which will make it easy for people to forward suspicious emails to the NCSC – including those claiming to offer services related to coronavirus.
By forwarding any dubious emails – including those claiming to offer support related to COVID-19 – to firstname.lastname@example.org, the NCSC’s automated programme will immediately test the validity of the site. Any sites found to be phishing scams will be removed immediately.
2000 online Coronavirus scams include:
471 fake online shops selling fraudulent coronavirus related items
555 malware distribution sites set up to cause significant damage to any visitors
200 phishing sites seeking personal information such as passwords or credit card details
832 advance-fee frauds where a large sum of money is promised in return for a set-up payment
As well as taking down malicious sites it will support the police by providing live time analysis of reports and identifying new patterns in online offending – helping them stop even more offenders in their tracks. If people have lost money, they should tell their bank and report it as a crime to Action Fraud.
Says Commander Karen Baxter, City of London Police, National Lead for Fraud, which is working with the NCSC on the initiative:
“As we all stay indoors and spend more time online there is more opportunity for criminals to try and trick people into parting with their money.
“Law enforcement are working closely with government to ensure the public, and businesses, are as well-equipped as possible to fight online harms.
“This process will be greatly assisted by the new suspicious email reporting service which empowers the public and enhances police capabilities to step up their response to fraud.
Adds NCSC Chief Executive Officer Ciaran Martin:
“Technology is helping us cope with the coronavirus crisis and will play a role helping us out of it – but that means cyber security is more important than ever.
“With greater use of technology, there are different ways attackers can harm all of us. But everyone can help to stop them by following the guidance campaign we have launched today. But even with the best security in place, some attacks will still get through.
“It’s despicable that they are using the coronavirus outbreak as cover to try to scam and steal.”
Finally, Raj Samani, Chief Scientist at cybersecurity specialist McAfee comments:
“As we continue to spend more time online, both actively and passively – from emails, shopping and browsing to apps, social media, and smart home devices – the number of opportunities cybercriminals can exploit increases, too.
“Over the last year especially, McAfee’s seen a huge increase in cyberattacks and the emergence of scams. In fact, last year, we revealed 28% of Brits said they have fallen victim to an email phishing scams. This is a popular tactic used by cybercriminals, geared towards gaining access to personal information, such as bank details, to exploit unsuspecting consumers. Unfortunately, these cybercriminals see the current situation as the perfect opportunity to prey on people.
“Always think twice before actioning any messages or emails regarding the pandemic which asks for any personal data. Never share your personal information and as a rule of thumb, always go directly to the source as opposed to clicking links or replying direct to messages.”
6 steps to protect yourself online
- Turn on two-factor authentication for important accounts
- Protect important accounts using a password of three random words
- Create a separate password that you only use for your main email account
- Update the software and apps on your devices regularly (ideally set to ‘automatically update’)
- Save your passwords in your browser
- To protect yourself from being held to ransom, back up important data