The National Cyber Security Centre has launched the Suspicious Email Reporting Service: a new email address for reporting scam mails to a government department that might actually do something about it.
The cybersecurity service, an offshoot of eavesdropping agency GCHQ, said it has set up an "automated programme" that will "immediately test the validity of the site" if one is mentioned in a phishing email.
"Any sites found to be phishing scams will be removed immediately," NCSC declared.
To make use of this, simply email it to firstname.lastname@example.org.
Lest this sounds a bit too similar to the widely ridiculed Action Fraud organisation, NCSC added: "If people have lost money, they should tell their bank and report it as a crime to Action Fraud, but the new Suspicious Email Reporting Service will offer an automated service to people who flag what they think to be a suspicious email."
Google: We've blocked 126 million COVID-19 phishing scams in the past weekREAD MORE
NCSC boasted this morning that its "existing takedown services" have already removed more than 2,000 online scams related to COVID-19 in the last month, including hundreds of fake online shops selling fraudulent coronavirus-related items, malware distribution sites, phishing sites "seeking personal information such as passwords or credit card details" and more than 800 "advance-fee frauds", which is "where a large sum of money is promised in return for a set-up payment."
Ciaran Martin, NCSC chief exec, said in a canned statement:
"With greater use of technology, there are different ways attackers can harm all of us. But everyone can help to stop them by following the guidance campaign we have launched today. But even with the best security in place, some attacks will still get through. That's why we have created a new national reporting service for suspicious emails – and if they link to malicious content, it will be taken down or blocked. By forwarding messages to us, you will be protecting the UK from email scams and cyber crime."
NCSC also reiterated its cybersecurity advice, including exhortations to use separate passwords for separate online accounts, use a password manager (including your browser's built-in one if you don't feel like shelling out for a commercial service), use multi-factor authentication and to install patches and updates as soon as they're available. ®