GCHQ calls on public to report coronavirusrelated phishing emails
GCHQ is asking members of the public to report suspicious emails they have received amid a wave of scams and hacking attacks that seek to exploit fear of Covid-19 to enrich cybercriminals.
The National Cyber Security Centre, a branch of the intelligence agency, has launched the suspicious email reporting service with a simple request of the public: forward any dubious emails to report@phishing.gov.uk, and the NCSC’s automated scanning system will check for scam emails and immediately remove criminal sites.
“Technology is helping us cope with the coronavirus crisis and will play a role helping us out of it, but that means cybersecurity is more important than ever,” said Ciaran Martin, chief executive officer of the NCSC. “That’s why we have created a new national reporting service for suspicious emails – and if they link to malicious content, it will be taken down or blocked. By forwarding messages to us, you will be protecting the UK from email scams and cybercrime.”
The reporting service has been launched after the organisation removed more than 2,000 online scams related to coronavirus in the last month, including:
471 fake online shops selling fraudulent coronavirus-related items
555 malware distribution sites set up to cause significant damage to visitors
200 phishing sites seeking personal information such as passwords and credit card details
832 advance-fee frauds where a large sum of money is promised in return for a set-up payment
Some scams prey on the fear of the virus, according to information security experts FireEye: many phishing attacks purport to share tips on how to avoid being infected with the disease, or reports on fellow employees or students with Covid-19, in order to encourage victims to enter their credentials to see the information.
Others appealed to a sense of greed. One widespread scam, uncovered in March by the journalist Brain Krebs, employed victims as “money mules”: people used to launder the proceeds of cybercrime through their own bank accounts. They were recruited through the pretence that they were helping process donations for a Coronavirus relief fund, and asked to turn a blind eye to the disproportionately large “commission” they received to “cover their expenses”.
“If you receive a job solicitation via email that sounds too good to be true, it probably is related in some way to one of these money-laundering schemes,” Krebs said.
The NCSC has also published new guidance on how to use videoconferencing tools securely, following the rise in “Zoombombing” attacks: pranksters taking advantage of lax default settings on the popular video chat app Zoom to invade and disrupt private meetings.
It recommends that users not make meetings public, connect only to people through their contacts or address book, and never post the link or password publicly.
“If you are organising the chat for your family or friends, consider using the lobby feature to ensure you know who has arrived,” the NCSC says. “This is especially useful if individuals are joining the meeting via an unrecognised phone number. Verify participants’ identity when they join the meeting.”
At the beginning of April, Zoom’s founder and CEO, Eric Yuan, committed to a freeze on new development while the platform focused on solving the privacy and security issues uncovered after a burst of new users. “We have fallen short of the community’s, and our own, privacy and security expectations,” Yuan said. “For that, I am deeply sorry.”