back to article Something a bit phishy in your inbox? You can now email suspected frauds straight to Blighty's web takedown cops

The National Cyber Security Centre has launched the Suspicious Email Reporting Service: a new email address for reporting scam mails to a government department that might actually do something about it. The cybersecurity service, an offshoot of eavesdropping agency GCHQ, said it has set up an "automated programme" that will " …

  1. Anonymous Coward
    Anonymous Coward

    Obviously ==>

    I'd be unwilling to volunteer any information to GCHQ because of its long history of taking it anyway without my consent.

    1. Mr Dogshit
      Facepalm

      Re: Obviously ==>

      Without your consent? Do you really need the Official Secrets Act explaining to you, you mooncalf?

  2. wyatt

    How long until the NCSC are receiving spam!?

    1. Mr Humbug

      Isn't that what they've asked for?

  3. Andy Non Silver badge
    Big Brother

    Not sure I trust

    bungling bureaucrats to take down domains. If I forwarded them a phishing email they'd be more likely to take down my domain rather than the one in the forwarded email.

  4. anthonyhegedus Silver badge

    How will they know the difference between an actual spam / dodgy email coming in, and me forwarding one? The scammers will just bombard it with FW: Suspected phishing spam type emails just to overload the thing, and frustrate their efforts to take stuff down.

    1. Will Godfrey Silver badge
      Unhappy

      In fact I would expect the simplest way for the scammers to screw this is to keep reporting legitimate mainstream sites from across the world, using faked (scraped) email addresses.

      1. ItWasn'tMe
        Meh

        Yep, drown it in false positives. Presumably the automation workloads have been specified to cater for this.

      2. Peter2 Silver badge

        Yeah... I uh.

        Did you know that the National Cyber Security Centre parent organisation is GCHQ? Pissing these people off with deliberate false reports is probably not the wisest idea going.

        1. Yet Another Anonymous coward Silver badge

          >Pissing these people off with deliberate false reports is probably not the wisest idea going.

          So if I work for Putin or Pooh-bear and I use this to get them to block a bunch of pro-democracy or anti-government sites, what are GCHQ going to do - send a gunboat ?

      3. Pier Reviewer

        If only the NCSC has ppl capable of performing threat modelling and risk assessment before they rolled this out!... Luckily the commentards can pick up the slack, and the NCSC can hopefully fix this terrible oversight -.-

  5. MrMerrymaker Bronze badge

    A dentistry question

    So what teeth do they have, in terms of following up, identifying and shutting down?

    Most of my spam seems American in target, essentially shilling health care, an Orwellian nightmare. Let me guess, the jurisdiction is limited to our shores...

    (and then there is the question of efficacy)

    1. Yet Another Anonymous coward Silver badge

      Re: A dentistry question

      >So what teeth do they have, in terms of following up, identifying and shutting down?

      The UK national ninja-cyber secret security agency can employ a range of active counter-measures culminating in the ultimate deterrent of .... A stiffly worded letter

      (the agency is not currently funded to permit overseas letters in the event of a foreign enemy)

  6. Anonymous Coward
    Anonymous Coward

    DDOS heaven

    Now there is a target!

    AC for obvious reasons...

  7. Anonymous Coward
    Anonymous Coward

    So timely!

    I am really pleased about this. I am fairly convinced that the dodgy bloke across the road has been secretly taking Penguin biscuits on his walk's - which twice this week have lasted more than 60 minutes - once a whole 62 minutes. Plus I know he has been out and bought an illegally frivolous foodstuff, because I saw a suspiciously French lookin baguette poking out of gis shopping bag, and no one needs to risk our country by going over to France for foodstuffs, but since my CCTV isn't working since I wrapped it in tinfoil to keep the postman's germs from contaminating my wifi I was unable to prove this. Now I can shop him for dodgy emails - I knew that 'Hi - Just reaching out to the street to see if anyone needs help' had to be a scam.....

  8. Tubz

    and if you fancy a bit of spamming ... report@phishing.gov.uk

    1. Yet Another Anonymous coward Silver badge

      what happens if you report phishing.gov.uk as a phishing site ?

      1. John Brown (no body) Silver badge

        Please don't. It might break the internet.

  9. Spacebots

    So how is this different from The National Fraud Intelligence Bureau, NFIBPhishing@city-of-london.pnn.police.uk which I've been forwarding all phishing emails to for several years now? They appear to be doing exactly the same thing.

  10. Kevin McMurtrie Silver badge

    Shut down CloudFlare? Political pressure on SF?

    Most scam sites are served by CloudFlare's edge cache. When I've called them about phishing and robocall scams on their systems, they've told me to file a police report if I think there's a crime being committed. CloudFlare is in San Francisco where the police will not, by policy, respond to anything less than rape or murder.

  11. Spacebots
    FAIL

    Not working!

    The automated reporting system appears to be broken. I got a phishing email this morning to one of my email addresses purporting to be from Virgin Media saying my account was about to be disabled due to non payment and asking for me to verify my payment method. So I forwarded the email and it bounced due to containing spam. I tried sending the email as an attachment instead and it still got bounced. Finally I sent an email asking how exactly we are supposed to report phishing emails, which went through but then got an automated email thanking me for my report.

  12. Dr Paul Taylor

    Plausible

    Reg commentards often make very intelligent comments about IT issues, so I am surprised by the silly ones here.

    Obviously a service like this isn't going to achieve anything if the emails have to be handled by humans.

    However, if there's a dataset of a million alleged phishing attacks, at the very least the domain names and IP addresses can be harvested and counted from the bodies and Received: headers of the emails to highlight the ones that ought to get some human attention. Equally, anyone trying to defame legit sites would be found out to.

    Indeed, isn't such a system known as a **honeypot**?

    It would be nice if the article had gone into more detail to say whether this is actually what is being done, or whatever other tricks they have up their sleeves.

    1. Anonymous Coward
      Anonymous Coward

      Re: Plausible

      "Received: headers"

      Not sure what exactly you mean but there won't be any received headers on the phishing e-mail they received as there is no longer an easy way for most e-mail clients to "forward as an attachment" without specific instructions from the end user. The request also doesn't mention forwarding the e-mail as an attachment. Therefore headers will be lost and it will only be the body that remains.

  13. Anonymous Coward
    Anonymous Coward

    On a point of detail...

    The article links to another with the title: "If there were almost a million computer misuse crimes last year, Action Fraud is only passing 2% of cases to cops" but surely action fraud IS the cops, the web address being actionfraud.police.uk

    1. Anonymous Coward
      Anonymous Coward

      Re: On a point of detail...

      That's the domain name, doesn't mean they are the police. Domain name can be registered or used by anyone that the registrar is allowed to give them to

      1. Richard Cranium

        Re: On a point of detail...

        No. Anyone can register (almost) any domain name, the uk police registered police.uk under which they have several subdomains like actionfraud.police.uk only the owner of a second level name can register subdomains of that name.

        1. This post has been deleted by its author

  14. lsces

    Report email scam ...

    Report email scam has been a feature in Thunderbird for a long time and using it where the link is not already providing a 'deceptive site' block usually proves effective when checking follow up messages. That this is now implemented via google rather then the original Mozilla service is more of a concern and I trust GCHQ more than I do google! What SHOULD change is that international law enforcement actually deal with the people carrying out the fraud, rather than google simply 'giving them a slap on the wrist' ... so getting GCHQ involved in the process makes a LOT of sense to me, but has to be a coordinated international framework. And direct access to those fraudsters details where they are using 'money laundering services' like bitcoin should be a first step in bringing down internet fraud?

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2020