The National Cyber Security Center (NCSC) launched this service nearly two years ago, in the wake of a pandemic that forced more activity online than ever. It’s a good indicator that scams can be addressed and managed — even if we’re now seeing more of them than ever.

The Suspicious Email Reporting Service

The service is simple: Concerned members of the public can just forward any suspicious email to the “report@phishing.gov.uk” address. Once sent, this email then triggers the NCSC’s automated scanning system to check for scams and instantly remove any offending websites.

COVID-19 and Scams

Scammers thrive in times of change and uncertainty, so it’s no wonder that the early months of the pandemic in 2020 were packed with them. Plenty of COVID-19-related scams were circulating at the time that this email reporting service launched. One claimed to offer up a report on which of the victim’s coworkers or fellow students had tested positive — only accessible if the victim entered their account information, of course. Another common email scam invited the recipient to help process donations for a Coronavirus relief fund, as a way for the scammer to launder money.

Cyberattacks Are Growing

Despite the thousands of scams that the Suspicious Email Reporting Service has quashed, cyberattacks are on the rise in the UK — the most recent Crime Survey for England and Wales found a 161% increase in instances of unauthorized access to personal information across the last year. The US, without its own email reporting program, saw a 28% rise in phishing attacks, with enterprise organizations averaging about 68 attacks per month, just on social media. Ransomware remains a large concern as well, growing 104% in North America in 2021.

Staying Safe

Employees and members of the public can take some measures to stay safe — always double-check the spelling and format of any email to figure out which ones are authentic, enable two-factor authentication when available, and invest in some form of online security. VPNs can help in some cases, particularly for businesses with a remote, distributed workforce — we’ve ranked the best ones worth considering over here. Password managers are also beneficial, as many of them will flag suspicious sites that can be hard to spot. Check out our password management tools roundup over here.