Security chiefs fending off millions of scam emails attempting to trick the public

Messages look as if they are being sent by official bodies such as HMRC or the NHS

An analyst looks at code in the malware lab of a cyber security defense lab at the Idaho National Laboratory

British citizens are being hit by millions of scam email attacks attempting to defraud the public each month, new figures have revealed.

Security chiefs are being forced to block huge volumes of the malicious messages, each of them posing as government or public sector organisations.

The emails show as normal messages from bodies such as HMRC or the NHS, and appear to be genuinely asking for information or personal details. But they are entirely fake – and the information that is entered is hoovered up by criminals who can then use it for identity theft and other attacks.

HMRC is easily the most popular organisation for scammers to build fake websites around, with emails sent out offering fake tax rebates or carrying other false information. But security experts are taking down thousands of such false websites each year.

Figures compiled by the National Cyber Security Centre (NCSC) show 4.5 million malicious emails were blocked each month on average – or 54 million a year.

Spoof emails are designed to fool citizens into believing they have come from a trusted source so they hand over passwords or personal data.

A breakdown of agencies featuring in the most fake emails shows criminals are persistently trying to spoof local councils, as well as national organisations.

The study said: “We have seen the number of messages spoofed from a gov.uk address fall consistently over 2017, suggesting that criminals are moving away from using them as fewer and fewer of them are delivered to end users.”

Programmes to reduce the threat from cyber crime were drawn up by experts at the NCSC, which was launched in November 2016 and is part of intelligence agency GCHQ.

The assessment of the Active Cyber Defence (ACD) scheme published on Monday also showed that more than 120,000 unique phishing sites hosted in the UK were removed last year.

Phishing involves mass emails sent to large numbers of people asking for sensitive information, such as bank details, or encouraging them to visit a fake website.

In 2017, the NCSC took down 18,067 phishing sites pretending to be a UK government brand.

HMRC was the most commonly spoofed organisation, with 16,064 fake websites removed.

Bogus sites were also set up in the names of agencies, including the DVLA, Student Loans Company and Crown Prosecution Service.

While the volume of global phishing has gone up significantly over the last 18 months, the share hosted in the UK has reduced from 5.5 per cent to 2.9 per cent, according to the report.

NCSC technical director Ian Levy said: “The ACD programme intends to increase our cyber adversaries’ risk and reduces their return on investment to protect the majority of people in the UK from cyber attacks.

“The results we have published today are positive, but there is a lot more work to be done.

“The successes we have had in our first year will cause attackers to change their behaviour and we will need to adapt.

“Our measures seem to already be having a great security benefit – we now need to incentivise others to do similar things to scale up the benefits to best protect the UK from commodity cyber attacks in a measurable way.”

He added: “This report shows that simple things, done at scale, can have a positive and measurable effect and the British UK public should be safer as a result of these measures.

“As these measures are scaled up, people should be asked less often to do impossible things, like judge whether an email or website is good or bad.”

Additional reporting by agencies
