Tuesday 16 July 2019 2:29 pm

Massive airport email scam blocked by UK spooks

An attempt to scam hundreds of thousands of people using a spoof UK airport email address was one of a string of major cyberattacks prevented by spooks last year.

Criminals sent more than 200,000 emails impersonating an airport from a fake gov.uk address last August in a bid to defraud people, but the messages were intercepted before they reached their intended victims.

Read more: Government cybersecurity under scrutiny as staff lose hundreds of mobile devices

The large scam attempt was revealed in an annual report published today by the National Cyber Security Centre (NCSC), which is part of GCHQ.


Overall, the NCSC said it prevented 140,000 phishing attacks and removed 190,000 fraudulent sites, mostly within 24 hours.

The spy centre published the figures as part of its Active Cyber Defence (ACD) strategy, which includes the use of automated systems for detecting suspicious activity.

The programme has also been a key tool for HMRC, helping to reduce fraud attempts on the taxman by 46 per cent.

“While this and other successes are encouraging, we know there is more to do, and we would welcome partnerships with people and organisations who wish to contribute to the ACD ecosystem so that together we can further protect UK citizens,” said Dr Ian Levy, NCSC technical director.

It is the second time the NCSC has published a report on its progress since launching its ACD strategy in 2016.

Cabinet minister David Lidington said: “The statistics and examples in this report speak for themselves. They outline the tangible impact that Active Cyber Defence is having, and how it is a key building block in improving cyber security in the UK now, and in the future.”

The government has pumped £1.9bn into its cybersecurity strategy, which is set to run until 2021.


However, a scathing report published last month by the Public Accounts Committee said the government had failed to develop a business case for its plan, called for greater clarity over its targets.

“The NCSC’s efforts on fighting phishing attacks – specifically that of the bogus email from a UK airport last year – and raising awareness amongst UK organisations and businesses should be applauded,” said David Mount, Europe director at cybersecurity firm Cofense.

Read more: Number of cyber incidents reported by financial services firms explodes

“Unfortunately, however, while the NCSC may have the ability to help some, it does not have the resources to help everyone in the fight against cybercrime.

“Luckily, we hope that people take these stories on to learn by example about the risks of phishing to be able to reduce or prevent harm and stay on top of their organisational security. “

Main image credit: Getty

Share