The National Cyber Security Center (NCSC), a branch of the UK's GCHQ intelligence agency, is asking members of the public to be wary of suspicious emails and report them amid a wave of hacking attacks and scams that's taken advantage of the COVID-19 crisis.
GCHQ has been cracking down coronavirus scammers online, and so far, it has killed more than 2,000 scams in a month, the NCSC says. Attackers are using phishing emails to trick people into obtaining their credit card info and passwords or outright ask people for money.
According to the intelligence agency, there have been 832 "advance-fee frauds," where victims are duped into paying a specific amount, in believing that they'll get a large sum in return; 200 phishing sites were found gathering personal information; more than 450 stores were found selling fraudulent COVID-19-related merch, and 555 malware-laden sites.
"Criminals are seeking to exploit our greater use of emails, video conferencing and other technologies for their advantage," James Brokenshire, the U.K. minister for security, said. "It's despicable that they are using the coronavirus outbreak as cover to try to scam and steal from people in their homes. We all have a part to play in seeing they don't succeed."
To stop the growing number of online scams, the GCHQ has launched the Suspicious Email Reporting Service with the help of the City of London police. Anyone who receives a suspicious coronavirus-email may forward it to report@phishing.gov.uk. If the agency finds that it is a phishing email, any sites linked within the message will be removed from the web immediately.
The NCSC has advised that internet users must improve their security as the majority of our activities are now done online, which includes creating a unique password for each online account, enabling tw0-factor verification, backing up important data, and updating apps and software regularly.
Additionally, new guidelines on how to use video-conferencing platforms securely have been published by the agency, following the growing number of "Zoombombing" attacks, or the unwanted intrusion into a video conference call by an individual, which causes disruption. The NCSC says that users must not publicize their meetings and only connect to people through their address book or contacts.
The NCSC also collaborated with the U.S. earlier this month to warn people about the rise of coronavirus scams. It has published a growing list of 2,500 emails and websites to watch out for.
