Kitz ADSL Broadband Information
adsl spacer  
Support this site
Home Broadband ISPs Tech Routers Wiki Forum
 
     
   Compare ISP   Rate your ISP
   Glossary   Glossary
 
Please login or register.

Login with username, password and session length
Advanced search  

News:

Author Topic: National Cyber Security Centre suspicious email reporting service  (Read 782 times)

jelv

  • Helpful
  • Kitizen
  • *
  • Posts: 1701

Just picked this up from moneysavingexpert:

New. A quick and easy way to report scam emails

The National Cyber Security Centre (part of GCHQ – the Government's cyber and security agency) has launched a suspicious email reporting service to take phishing scams down – all you have to do is forward suspicious emails to report@phishing.gov.uk.

Once you've reported a suspicious email, the NCSC will analyse it and any websites it links to. If it believes it's malicious, NCSC may:

    Seek to block the address the email came from, so it can no longer send emails.
    Work with hosting companies to remove links to malicious websites.
    Raise awareness of commonly reported suspicious emails and methods used.

While the NCSC is unable to inform you of the outcome of its review, it has assured us that it acts upon every message received – as an example, within the first week, the new service received over 25,000 reports and, as a direct result, it has already removed over 400 phishing campaigns.
Logged
Line rental: Pulse8, Broadband: AAISP Home::1 FTTC 80/20, Mobile: id Mobile

jelv

  • Helpful
  • Kitizen
  • *
  • Posts: 1701
Logged
Line rental: Pulse8, Broadband: AAISP Home::1 FTTC 80/20, Mobile: id Mobile

Ronski

  • Helpful
  • Kitizen
  • *
  • Posts: 3831
Re: National Cyber Security Centre suspicious email reporting service
« Reply #2 on: April 29, 2020, 07:57:50 PM »

I just read this thread, and thought perfect just deleted a spam email with a suspicious attachment, so forwarded it to the provided address and got the following failure reply.

Quote
Your message did not reach some or all of the intended recipients.

      Subject:   FW: Price Offer
      Sent:   29/04/2020 19:55

The following recipient(s) cannot be reached:

      'report@phishing.gov.uk' on 29/04/2020 19:55
            Server error: '553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1)'
Logged
Formerly restrained by ECI and ali,  now surfing along at 390/36  ;D

sevenlayermuddle

  • Helpful
  • Addicted Kitizen
  • *
  • Posts: 5247
Re: National Cyber Security Centre suspicious email reporting service
« Reply #3 on: April 29, 2020, 08:48:14 PM »

Something about NCSC fails to inspire me, seems a little bit too oriented towards publicity stunts.   

What’s the point in telling me it has already removed 400 phishing campaigns?  Unless they express that number as a percentage of a total I have no idea whether 400 is a lot, or a minuscule drop in the ocean.

I’m aware that they are asserted to be part of GCHQ, but I can’t help get the feeling that GCHQ may just be being polite, in allowing such comparisons to go unchallenged. :(
Logged

gt94sss2

  • Kitizen
  • ****
  • Posts: 1025
Re: National Cyber Security Centre suspicious email reporting service
« Reply #4 on: April 29, 2020, 10:18:05 PM »

I’m aware that they are asserted to be part of GCHQ, but I can’t help get the feeling that GCHQ may just be being polite, in allowing such comparisons to go unchallenged. :(

They are definitely linked to GCHQ and part of their expertise comes from there

https://www.ncsc.gov.uk/section/about-ncsc/what-we-do
Logged

Westie

  • Kitizen
  • ****
  • Posts: 1596
Re: National Cyber Security Centre suspicious email reporting service
« Reply #5 on: April 29, 2020, 10:20:24 PM »

According to the NCSC, not all reports to them are getting through. :(
I picked up this info from their site here
Quote
In a small number of cases, an email may not reach our service due to it already being widely recognised by spam detection services. The vast majority of reports do reach our system so please keep reporting any suspicious emails you receive.
Logged

sevenlayermuddle

  • Helpful
  • Addicted Kitizen
  • *
  • Posts: 5247
Re: National Cyber Security Centre suspicious email reporting service
« Reply #6 on: April 29, 2020, 11:10:44 PM »

Google’s gmail already catches the vast majority of malicious email.   

So if NCSC really want to chase up the perpetrators, why not just ask Google for details of the offences?   They’d get a far more reliable data source, compared with seeking input from the idiotic public.

Two reasons spring to mind...

1)  If it were that easy, Google would pursue the perpetrators themselves.
2)  By claiming to be doing something that the public thinks they understand, NCSC get themselves some publicity.
Logged

Alex Atkin UK

  • Kitizen
  • ****
  • Posts: 1729
    • My Broadband History
Re: National Cyber Security Centre suspicious email reporting service
« Reply #7 on: April 30, 2020, 03:07:14 AM »

Shortly after this I get a fake Three UK e-mail, time to test this out.  ;)
Logged
INTAKE (ECI) Zen: Home Hub 5A OpenWrt Plusnet: VMG-3925-B10B Three 4G: Hauwei B535-232 Router: pfSense (i5-7200U) WiFi: Ubiquiti nanoHD
Thinkbroadband Quality Monitors

sevenlayermuddle

  • Helpful
  • Addicted Kitizen
  • *
  • Posts: 5247
Re: National Cyber Security Centre suspicious email reporting service
« Reply #8 on: April 30, 2020, 08:30:15 AM »

A question, the answer to which I am unsure of...

...If I forward my received spam and or viruses to another recipient such as NCSC, is there a risk that the various spam filtering services will identify me as a ‘sender’ of malicious emails, with the risk that they start treating all of my sent mail as potential spam?
Logged

jelv

  • Helpful
  • Kitizen
  • *
  • Posts: 1701
Re: National Cyber Security Centre suspicious email reporting service
« Reply #9 on: April 30, 2020, 10:48:49 AM »

If the spam reached you (i.e. your email provider didn't see it as spam on the way in) they shouldn't see it as spam on the way out.

The mail servers at NSCS are not going to be reporting you as a spam sender* and they won't have any filtering service for incoming email (that would defeat the purpose, or if they do it would be specific filtering to drop those that they already know about), so I can't see where you could be possibly be identified as a spam sender.

* Unless you start creating new original malicious emails to them yourself!
Logged
Line rental: Pulse8, Broadband: AAISP Home::1 FTTC 80/20, Mobile: id Mobile

sevenlayermuddle

  • Helpful
  • Addicted Kitizen
  • *
  • Posts: 5247
Re: National Cyber Security Centre suspicious email reporting service
« Reply #10 on: April 30, 2020, 11:07:39 AM »

Hmmm, it is as long as I can remember since I received any malicious email that was not detected by Google’s spam filters and sent to my spam folder, so it’s mainly that spam that would benefit from NCSC analysis in my case.

I did once try to forward a malicious email from my spam folder.   It was a rather nasty (ie quite convincing) fake invoice/phishing attempt that had been ‘sent’ by a local firm of tree surgeons who’d recently done some work for me, and who’s account had been obviously compromised.  I phoned them first to clear the way, then tried to send it back to them in case they wanted to see the evidence.

Gmail point blank refused to let me forward it since it contained a link to a known malicious URL, but can’t remember the exact nature of refusal.
Logged

Ronski

  • Helpful
  • Kitizen
  • *
  • Posts: 3831
Re: National Cyber Security Centre suspicious email reporting service
« Reply #11 on: April 30, 2020, 09:11:02 PM »

I just read this thread, and thought perfect just deleted a spam email with a suspicious attachment, so forwarded it to the provided address and got the following failure reply.

The above failure was down to my email client (Outlook), had the same issue tonight, turned out “My Server Requires Authentication” was no longer ticked  ???
Logged
Formerly restrained by ECI and ali,  now surfing along at 390/36  ;D