NCSC Report Reveals Phishing Lures Increasingly Disguised as Vaccine Appointments

The National Cyber Security Centre (NCSC) released the fifth edition of its Active Cyber Defence report on Wednesday 25 June 2022. Launched in 2016, the NCSC’s Takedown service has cut the UK.’s share of global phishing in half and reduced the lifecycle of commodity cyber-attacks.

Since its establishment, the service has fought new attacks. Public reporting has been activated via SERS and 7726, alongside Action Fraud. This has allowed the NCSC to tackle commodity cybercrime categories tied to reported financial losses. The service has taken down a total of 3.7m campaign groups, which have been composed of 5.8m URLS including 2.01m IP addresses, in just five years.

In an increasingly digital world, measures to prevent cybercrime are more important than ever. Active Cyber Defence (ACD) aims to “protect the majority of people in the UK from the majority of the harm caused by the majority of the cyber-attacks the majority of the time,” the report notes. As a largely automated service, the ACD safeguards the public against threats such as malware, reducing both occurrence and success rate.

In 2021, the Takedown service combatted 2.7m campaigns, including 3.1m URLs, a notable rise from 2020 takedowns comprising 700k campaigns, including 1.4m URLs. This significant increase is likely a result of the greater duration during which takedowns against extortion mail server and celebrity-endorsed investment scams were carried out in 2021. 

A new NHS vaccine lure was identified in December 2020 amid the pandemic. Victims received more than 70 of these lures in January 2021 via email and SMS campaigns. In the summer of 2021, this lure became less significant when a vaccine certification scheme took its place as the popular option. 

Together, these campaigns have sought to mine personal and financial data from targets. Bookings for vaccine appointments were falsely advertised on phishing websites in exchange for a fee, a lure that captured said data, allowing phishers to commit fraud and contact victims pretending to be representatives of UK. banks. 

Vaccine lures rapidly became more convincing, even offering QR Codes. Scanning said codes redirected victims to a free QR code generation site. The Office for National Statistics held its first digital census for England and Wales in March 2021. Following the event, phishers seized the opportunity to threaten targets with fines were they to send their census late.

What’s Hot on Infosecurity Magazine?