Yesterday, the British NCSC (National Cyber Security Centre) released a security report covering the blocking of thousands of email scams, some of which were related to crypto-assets.
This service was launched last April as part of a cybersecurity campaign and has collected a daily average of over 16,000 emails, exceeding 1 million total emails containing links and scams of various kinds.
As noted in the report, most of the scam emails were about fake crypto investments with incredible returns when compared to Bitcoin (BTC).
More than half of the incoming links were permanently blocked.
Besides the part related to crypto scams, another pattern that British intelligence has detected is the one involving several fake online shops that link to completely misleading websites in order to obtain user credentials.
Essentially, it is a phishing scheme, which is still quite popular as a tool used by criminals.
The CEO of the NCSC, Ciaran Martin, thanked those who provided the data and emails:
“Reaching the milestone of one million suspicious emails reported is a fantastic achievement and testament to the vigilance of the British public. The kind of scams we’ve blocked could have caused very real harm and I would like to thank everyone who has played their part in helping make the internet safer for all of us”.
The NCSC has made available to everyone an email address, [email protected], to send and report suspicious emails or links so the department can conduct thorough checks and take action.
This call for cooperation was also emphasized by Digital Secretary Oliver Dowden:
“I urge everyone to continue reporting suspicious emails and follow our Cyber Aware campaign top tips for staying secure online alongside our world-leading National Cyber Security Centre advice.”
The amount of scam emails
The numbers in this NCSC report are very impressive and only 10% of the scams that arrive are deleted within 1 hour of receiving the email.
40% are deleted within a day, which shows that users are slowly starting to identify scams around the network.
The following tips can be followed to reduce the risk:
- Set up different passwords for each service
- Do not use the same password for email, but create a strong enough password,
- Save the password in your browser so you don’t have to type it in and risk it being saved by a keylogger,
- Activate 2-factor authentication (2FA),
- Constantly update your devices,
- Make a backup of the most important data.