Removal of Fraudulent URLs Jumped 15-Fold in 2020, NCSC Says

In 2020, The National Cyber Security Centre’s (NCSC) Active Cyber Defense (ACD) program managed to curb the online scam economy in a record-breaking takedown of 700,595 scams.

The agency’s latest annual report highlights a fifteen-fold increase in campaign takedowns compared to 2019. Nearly 1.5 million URLs were taken down in 2020, including:

  • Fake celebrity endorsement scams – 286,213 campaigns taking down 731,080 URLs
  • Fake shops – 139,522 campaigns taking down 222,353 URLs

The NCSC notes that the HMRC-themed attacks were among the most popular UK government departments used as a phishing lure, with over 4,000 campaigns in 2020. The report also highlights a particular increase in the number of phishing campaigns impersonating the NHS. In 2020, the ACD program was able to thwart 122 phishing campaigns related to the NHS, compared to 36 in 2019.

The Covid-19 vaccine rollout was a primary lure used by scammers in text and email messages.

“In December 2020, we saw the first campaign that used the COVID-19 NHS vaccine rollout as the lure, and it differed because it did not seek to harvest NHS credentials,” the ACD report states. “Like many other phishing attacks, the purpose of this attack was to harvest victim personal information for use in fraud. However, these attacks also undermine public confidence in the NHS vaccine rollout. As we moved into 2021, we saw this trend increase with campaigns delivered by email and SMS as fraudsters attempted to capitalize on the vaccine rollout.”

The NCSC also managed to pull out 43 fake NHS COVID-19 Test and Trace Apps found outside official app stores.

Additional noteworthy mentions of online scam takedown campaigns include the removal of 39,255 URLs with banking Trojans and 2,954 RAT URLs.

“The service has delivered more takedowns in 2020 than all the previous years combined, which we hope has reduced the potential harms that malware, phishing and other scams could inflict on UK citizens,” the ACD added. “We also hope that 2020’s new initiatives have genuinely lowered the value proposition for internet-enabled fraud in the UK (or that targets UK citizens). We’re continuing to engage directly with hosting companies and other responsible organisations who can assist in taking the malicious sites down quickly and efficiently.”