U.K. Cyber Spies Took Down 15-Times More Scams in Pandemic

Bookmark

Criminals launched more websites to trick people into giving up data, downloading malware and sending them money during 2020, taking advantage of pandemic lockdown by pretending to be celebrities, shops and government agencies.

The U.K.’s National Cyber Security Centre took down 700,595 malicious campaigns last year, 15-times more than a year earlier as the number of scams increased and it began targeting new types of fraud, the agency said in a report published on Monday.

The Covid-19 pandemic led to a surge in malicious hacking and phishing attempts globally as fraudsters took advantage of more people working from home, which led to weaknesses in corporate security and fears about the virus that led people to click on links purporting to have information about the disease.

And the stakes are getting higher with hackers increasingly targeting hospitals and companies that operate critical infrastructure. A ransomware attack forced the operator of the biggest gasoline pipeline in the U.S. to shut down late Friday in an incident that’s threatening to destabilize fuel supplies.

A popular tactic for defrauding people during lockdowns was to impersonate the U.K. government, with pages pretending to be tax or health authorities to exploit people searching for information amid upheavals including Brexit and emergency coronavirus measures. U.S. domain host NameCheap hosted almost a third of this category, according to the report.

“By mid-year, the median take-down times were consistently in excess of 60 hours,” the NCSC said regarding the campaigns hosted by the company. “This undoubtedly made NameCheap an attractive proposition to host phishing and may explain the rise in monthly hosted campaigns that followed.”

A representative for NameCheap said that the company has seen the number of fraud and abuse cases reported double since the start of the pandemic and the amount of incidents they identified themselves rose tenfold. The company said it’s increased staff and rolled out technology to help block abuse from domains using Covid-19 and Royal Mail terminology.

“We work closely with our colleagues in law enforcement. This includes the NCSC in the U.K., with whom we have a direct reporting line to communicate suspected fraud and abuse cases,” the company said in a statement. We “continue to work diligently to bring our response time down, having reduced our response time to less than 24 hours.”

Some 46.4% of schemes impersonating celebrity endorsements from the likes of billionaire Richard Branson came from servers owned by the Seattle-based tech giant Amazon.com Inc., which is a dominant player in the hosting market. They were taken down in a median of 19 hours following requests from the British cyber security agency, giving Amazon one of the fastest response times for this type of scam.

A representative for Amazon didn’t immediately respond to a request for comment outside regular business hours.

One such scam relied on a fake news article which fabricated Branson quotes extolling the benefits of an alleged crypto-currency platform, while another spoofed a Bitcoin trading platform endorsement by British financial expert Martin Lewis, with made-up quotes such as, “Brits are using this to make an average of 450 pounds a day and quitting their jobs!”

©2021 Bloomberg L.P.

BQ Install

Bloomberg Quint

Add BloombergQuint App to Home screen.