British Businesses Report 7.1 Million Scams in the Last Year – Are You Protected?
9 August 2023
Online scams have become increasingly prevalent in today’s digital landscape, posing a significant threat to individuals and businesses alike. With the rise in cybercrime, there is an urgent need for enhanced cybersecurity measures to safeguard against these malicious activities.
Addressing this pressing concern, the Active Cyber Defence (ACD) program takes centre stage in protecting the majority of people in the UK from cyber attacks.
In this blog, we delve into the key findings from the sixth-year summary of the ACD programme, shedding light on the scale of the issue and emphasising the importance of robust cyber security practices.
Cyber security measures can involve anti-spam software, advanced firewalls, secure WiFi with guest logins, anti-virus software, disaster recovery plans, and regular website & data backups. Full information on the services we offer can be found over on our cyber security page here.
Understanding Active Cyber Defence
The Active Cyber Defence (ACD) program was initiated in 2017 as a proactive response to the escalating cyber threats faced by individuals and organisations in the UK. At its core, ACD is designed to counter online threats and safeguard the majority of people from cyber attacks.
The program encompasses various services, including the Takedown Service, Protective DNS, Early Warning, and Exercise in a Box, each serving a crucial role in bolstering cyber security. The key findings in the report specifically highlight the impact and effectiveness of these ACD services in reducing high-volume attacks and fortifying the defences of UK citizens against evolving cyber threats.
The Scale of the Problem
The number of online scams is truly staggering, as evidenced by the 7.1 million suspicious emails and URLs reported by British businesses and citizens in the last year alone. This alarming number signifies the pervasive nature of cyber threats in our digital landscape. What’s even more astonishing is the frequency at which these scams are occurring, with a new suspicious email or website being reported every five seconds.
This constant barrage of scams highlights the urgent need for individuals and businesses to be proactive in protecting themselves from cyber threats. It is no longer a question of if but when one may become a target.
At ICT Solutions, we offer cyber security services to help businesses across the UK defend themselves from the evolving threats that cyber attacks can pose. From ransomware detection to firewalls, password management to real-time monitoring; our cyber security service covers all eventualities.
Types of Scams
There are different attack types that cybercriminals use. The report highlights the following:
Cryptocurrency Investment Scams
Cryptocurrency investment scams have emerged as a prevalent and persistent threat, with a consistently high volume observed. These scams capitalise on the rising popularity of cryptocurrencies and often employ deceptive tactics, such as leveraging well-known brands or using the images and endorsements of celebrities to appear legitimate. The report highlights a peak in takedowns related to cryptocurrency investment scams in January 2021, indicating a surge in these fraudulent activities.
However, subsequent trends show a downward trajectory in takedowns, suggesting that scammers may have shifted their focus to other attacks or refined their strategies to evade detection. Nonetheless, the persistence of cryptocurrency investment scams emphasises the need for heightened awareness and caution when engaging in any cryptocurrency-related activities to protect oneself from falling victim to these fraudulent schemes.
Government-Themed Scams
Government-themed scams have witnessed an interesting trend, as attacks on the HMG brand experienced a 17% decrease in 2022. This decline is in contrast to the growth observed in attacks targeting other parts of the UK IP space. It is worth noting that the impact of the pandemic played a significant role in these attacks, as attacks on the HMG brand tripled during that period.
However, as the situation has stabilised, the attacks on government brands have returned to pre-COVID levels. Over the last two years, there has been a noticeable reduction in phishing attacks utilising UK government brands, indicating progress in combating these specific types of scams. Nevertheless, vigilance remains crucial, as scammers may adapt their tactics and exploit new avenues to target individuals and organisations associated with government entities.
Energy Bill Scams
Scammers are adept at exploiting topical events to make their phishing attempts more convincing, and one such example is the UK government’s Energy Bills Support Scheme. By capitalising on this scheme, scammers employ deceptive techniques to trick individuals into divulging sensitive information or making fraudulent payments. These scams often involve phishing emails or websites that mimic official communication from energy providers or government agencies, creating a sense of urgency and legitimacy. For instance, they may use keywords like ‘rebate,’ ‘grant,’ or ‘scheme’ to lure victims into believing they are entitled to financial benefits.
Examples of energy bill scam attempts include fraudulent emails claiming to offer energy bill refunds or requesting immediate payment to avoid service disconnection. It is crucial for individuals to exercise caution, verify the authenticity of such communications, and refrain from sharing personal or financial information without proper verification to protect themselves from falling victim to these deceptive energy bill scams.
Web Shells
Web shells are malicious scripts employed by attackers to gain control over compromised servers by installing control panels. These scripts allow attackers to execute unauthorised activities, including hosting phishing sites or launching further cyber attacks. The report highlights an increase in the number of discovered web shells in 2022, indicating the growing prevalence of this threat.
To combat this, actions have been taken to identify and neutralise web shells, thereby minimising their impact. Among the hosting providers most commonly associated with web shells are Newfold Digital, Cloudflare, and GoDaddy. It is crucial for hosting providers and website owners to implement robust security measures, regularly monitor their systems, and promptly address any potential signs of compromise to prevent the exploitation of web shells and protect their online presence from malicious activities.
Protect Yourself From Cyber Attacks
The findings from the sixth-year summary of the Active Cyber Defence (ACD) program serve as a stark reminder of the pervasive nature of online scams and the critical importance of robust cyber security measures.
With millions of suspicious emails and URLs reported and various types of scams targeting individuals and businesses, it is evident that cyber threats continue to evolve.
Here at ICT Solutions, our approach to offering cyber security to UK businesses is personalised to individual needs. We do our research before setting you up, gaining an understanding of your business, your existing cyber security measures, the potential threats you could be at risk to, and what we can do to help.
Get in touch with us today to find out how our cyber security services can give you peace of mind.