This security project has taken down 1.5 million scam, phishing and malware URLs in just one year

More websites hosting phishing domains and other online scams have been taken down during the past year than during the previous three years combined. 

The UK's National Cyber Security Centre's (NCSC) fourth annual Active Cyber Defence report details how it helped remove many more scams from the internet: in total, more than 1.4 million URLs responsible for 700,000 online scams have been removed by the NCSC's takedown service during the past 12 months.

The last year has seen a big rise in COVID-19-themed cybercrime and the NCSC has helped to take down thousands of URLs associated with phishing and malware attacks using warnings about COVID-19 or false offers of vaccines.

SEE: Cybersecurity: Let's get tactical (ZDNet/TechRepublic special feature) | Download the free PDF version (TechRepublic)

The NCSC also helped to take down fake online shops hosted in the UK, as well as fake celebrity endorsement scams used in an attempt to lure people into falling victim to cyberattacks. Often these scams begin with phishing messages that take victims through several URLs before they land on the final malicious site.

Scams and phishing campaigns designed to look like they came from the government, the NHS, HMRC and many other high-profile organisations have all been taken down as part of the NCSC's Active Cyber Defence (ACD) programme, which it said aims to protect "the majority of people in the UK from the majority of the harm caused by the majority of the cyberattacks the majority of the time."

Tools in the ACD arsenal include the takedown service for finding malicious sites and sending notifications to the host to remove them from the internet. It also includes the Suspicious Email Reporting Service, a feature introduced last year that allows members of the public to forward emails suspected to be fraudulent directly to the NCSC for further investigation.

To date, the service has received over four million emails and has helped identify more than 1.5 million malicious URLs and has helped lead to the takedown of tens of thousands of scams that hadn't previously been identified. However, the report noted there was also a decrease in the percentage of attacks taken down within 24 hours, from 64.6% in 2019 to 55.5% in 2020.

SEE: Ransomware just got very real. And it's likely to get worse

"The ACD programme is truly a collaborative effort, and it's thanks to our joint efforts with partners both at home and internationally that we've been able to significantly ramp up our efforts to protect the UK," said Dr Ian Levy, technical director of the NCSC.

"The bold defensive approach taken by the ACD programme continues to ensure our national resilience and so I urge public bodies, companies and the general public to sign up to the services available to help everyone stay safe online," he added.

MORE ON CYBERSECURITY

• Be warned: COVID-19 vaccine scams are now appearing online, over text, and by email
• How vaccine-related phishing attacks are posing a greater threat to organizations
• NHS hit with wave of scam emails at height of COVID-19 pandemic
• FBI warns of COVID-19 vaccine scams
• Crooks are using realistic-looking webpage templates to trick you into handing over personal data