CyberUK 22: Data-sharing service to protect public from scams

The National Cyber Security Centre (NCSC) has handed the UK’s internet service providers (ISPs) a new weapon in the fight against online scams through a new threat data-sharing partnership, launched on the second day of its flagship CyberUK 2022 conference in Wales.

The NCSC said unlocking real-time data will enable broadband providers to instantly block their customers from accessing known fraudulent websites. It is being made available to all ISPs currently operating in the UK, and will supposedly “significantly bolster” the country’s ability to protect consumers from digital fraud and other forms of cyber crime.

The new service will complement the work of the NCSC’s existing takedown service – part of the Active Cyber Defence programme – which, it was revealed earlier this week, took down nearly three million online scams in 2021 alone, including fake celebrity endorsements, fraudulent Covid-19 vaccine passports, NHS-linked phishing campaigns and, in one instance, a gang of cyber criminals pretending to be NCSC CEO Lindy Cameron herself.

The organisation hopes eventually to be able to expand the service to web browsers and managed service providers (MSPs).

Sarah Lyons, NCSC deputy director for economy and society, said: “Cyber criminals continuously seek to deploy devious methods to trick us into sharing personal or financial details and it is vital that we stay ahead of them.  

“This landmark partnership with internet service providers means that scams can be blocked from ever reaching our screens and reinforces the UK’s armour in protecting the public from online harms.”

BT Security MD Kevin Brown, who has previously worked with the NCSC on a number of initiatives, added: “Online scams continue to cause massive harm, from the financial losses suffered by individuals and businesses, through to the continued erosion of our trust in the internet and the communications we receive.

“To tackle this, organisations across the public and private sector have to collate resources and openly share intelligence and best practice, even with their peers and competitors.

“We are proud to have worked closely with the NCSC to develop this initiative, which will significantly increase the speed at which we share data and block scams.”

The service will sit alongside a number of NCSC tools that consumers can already use to protect themselves, including a website reporting tool to which you can send suspicious URLs for analysis, and a reporting tool for spam and scam emails, [email protected]. Suspicious text messages, meanwhile, can be forwarded to 7726.

Separately, the NCSC has also launched a new email security checker tool to help organisations ensure appropriate protections are in place.

This free online service will help organisations to identify potential email vulnerabilities. The NCSC said it had found that adoption of recommended security standards varies widely across sectors, with some having coverage as low as 7%. It hopes the service will go some way towards fixing this.

“Email plays a central role in how organisations communicate every day, so it is vital that technical teams have measures in place to protect email systems from abuse,” said Paul Maddinson, NCSC director for national resilience and strategy.

“Our new email security check tool helps users identify where they can do more to prevent spoofing and protect privacy and offers practical advice on how to stay secure. By following the recommended actions, organisations can help bolster their defences, demonstrate they take security seriously, and make life harder for cyber criminals.”

The service scans available information about domains online, focusing on anti-spoofing – checking for standards such as DMARC and establishing whether they are properly configured – and email privacy – checking whether users have privacy protocols such as transport layer security (TLS) in place and operating correctly to protect data in transit. More features will be added in due course.

It should be noted, however, that the service is not able to check whether individual inbound emails or email domains are suspicious – suspicious emails should, as above, be forwarded to the NCSC’s reporting inbox.