NCSC oversees fifteen-fold increase in internet scams during last year


Cybersecurity experts in the UK have overseen a massive fifteen-fold increase in scams removed from the internet, a new report reveals today (Monday May 10th).

The National Cyber Security Centre – a part of GCHQ – disclosed it had taken down more scams in the last year than in the previous three years combined as the organisation moved to protect the UK public and critical services such as the NHS during the coronavirus pandemic.

The findings were contained in the fourth annual report on the NCSC’s Active Cyber Defence programme,  which is designed to protect the UK from millions of cyber attacks and which was expanded during 2020.

The report was released ahead of the NCSC’s annual CYBERUK gathering, which this year for the first time will be hosted entirely online, enabling wider participation than ever before.

Adam Philpott, EMEA President at McAfee: 

“It’s no surprise that cyber attacks have dramatically increased over the past year, as cybercriminals adapted to exploit the pandemic and our thirst for information around Covid-19 related topics. What started as a trickle of phishing campaigns and the occasional malicious app quickly turned into thousands of malicious URLs. As we head into the next normal, we anticipate that the rise in threats will continue and businesses must ensure they have the correct measures in place to outrun the adversaries.”

A major focus for this two-day event, which begins tomorrow (Tuesday) and features a host of expert speakers from around the world, will be on how the NCSC and cybersecurity industry has responded to the pandemic.

The NCSC response included the introduction of the hugely successful Suspicious Email Reporting Service, a new feature of the ACD programme launched in April 2020 which received nearly 4 million reports of suspect emails from members of the public last year alone.

The organisation also worked with allies to call out hostile state activity and last year exposed Russian attacks on coronavirus vaccine development.

Says Lindy Cameron, NCSC CEO:

“As the cybersecurity community prepares to gather for CYBERUK, the ACD report offers a helpful insight into just some of the ways the NCSC has adapted to protect the UK during the pandemic.

“Whether it has been protecting vital research into the vaccine or helping people work from home securely, the NCSC has worked with partners to protect the digital homeland during this unprecedented period.

“I look forward to hearing from thought-leaders at CYBERUK as we reflect on this period and look ahead to building a resilient and prosperous digital UK after the pandemic.”

The latest ACD report highlights how the NCSC used its Takedown Service to protect the public from scams including fake celebrity endorsement scams and bogus Covid vaccines adverts.

The report showed that in the last year more than 700,000 online scams totalling 1.4 million URLs were removed by the NCSC – a massive increase on previous years due largely to the expansion of the Takedown Service.

One particular area of focus for ACD last year was protecting the NHS, and the report details efforts to monitor for attacks that sought to harvest NHS credentials and potentially compromise critical systems. In 2020 ACD detected 122 phishing campaigns using NHS branding, compared to 36 in 2019.

Among the lures were those using the COVID-19 NHS vaccine rollout, the first of which was picked up in December. Others included fake or unofficial copies of the NHS Test and Trace mobile app, with the removal of 43 instances of NHS apps hosted and available for download outside of the official Apple and Google app stores.

Beyond the NHS, other areas protected included TV Licensing, which saw a surge in attacks that corresponded with news of changes to TV Licensing entitlements for UK pensioners during July 2020.

And while the overall level of Brexit-themed UK government phishing was low during 2020, attempts to clone part of the website were identified in December. The attack was taken down promptly and relevant departments notified.

Introduced by the NCSC in 2016, the ACD programme includes a number of services that are designed to protect the UK from different online threats. Services include Mail Check, Web Check, Protective DNS, Exercise in a Box and the Suspicious Email Reporting Service.

Other key figures and findings for 2020 from the ACD Fourth Year report include:

  • More than 11,000 UK-government-themed phishing campaigns were taken down – more than double the 2019 figure.
  • The Suspicious Email Reporting Service was launched in April 2020, and received nearly 4 million reports by year-end, leading to the removal of over 26,000 scams not previously identified by the Takedown Service. The latest figures can be found on the NCSC website.
  • The most phished UK government brand was Her Majesty’s Revenue and Customs (HMRC).
Chris Price
For latest tech stories go to