Online scams reported every five seconds in UK


The “whole-of-society” approach has prevented millions of cyber attacks in the UK, according to the country’s National Cyber Security Centre (NCSC).

A record-breaking 7.1 million suspicious emails and websites were reported to the authorities in 2022, say researchers in the sixth annual report from the NCSC’s Active Cyber Defence (ACD) program.

According to the report, UK organizations and citizens flagged the equivalent of nearly 20,000 suspicious emails and URLs a day, or one every five seconds. This directly contributed to the removal of thousands of malicious links from the internet, it said.

Suspicious links and emails can be reported through the NCSC’s Suspicious Email Reporting Service (SERS). It’s free to use and was the first service of its kind in the world when it launched in April 2020, according to the agency.

It said it had removed nearly a quarter of a million, or 235,000, malicious links from the internet since then, while its “whole-of-society” approach to fighting cybercrime prevents “millions” of high-volume cyberattacks against UK organizations and citizens each year.

Small businesses in particular have a key role to play in ensuring a safer online environment, according to Jonathon Ellison, NCSC Director for National Resilience and Future Technology.

“As this latest report shows, cyber security is not the sole preserve of tech specialists: businesses are increasingly alive to and eager to engage with the cyber risks they face, signing up in swathes to make the most of NCSC data and expertise,” Ellison said.

While small businesses are “indispensable” to national prosperity – constituting 99% of the UK’s business ecosystem – they often lack expertise and the financial resources to afford robust cybersecurity, according to the NCSC.

As a result, 2022 saw a 39% increase in organizations signing up for ACD’s free services to boost their cyber resilience, the report showed, with two new tools launched last year.

Email Security Check “provides a quick and simple way of understanding aspects of email security,” while Check Your Cyber Security is a “scalable vulnerability check tool” specifically designed for small organizations.

The NCSC was “doing the right thing” by making its services accessible to small businesses, Martin McTague, National Chair of the Federation of Small Businesses, said. He added that a “fifth of small businesses see cybercrime as the most impactful crime in terms of both cost and disruption to their operations.”

The ACD report noted that phishing scams remain the most prevalent attack hosted in the UK even though the amount of global phishing campaigns hosted in the country has declined.

It also said that “opportunistic attacks” on the UK government decreased by 17% last year, while the war in Ukraine was a “consistent pretense” for cryptocurrency scams throughout 2022.