Namecheap hosted 25%+ of fake UK govt phishing sites last year – NCSC report

2021-05-10 08:30

Domains'n'hosting outfit Namecheap harboured more than a quarter of all known phishing sites that falsely posed as UK government web presences during 2020, according to the National Cyber Security Centre today.

It also encountered the usual COVID-themed ones we've all become familiar with over the last year - fake copies of the NHS Test and Trace app laced with malware - plus sites impersonating Capita TV Licensing, the outsourced subscription sales arm of the BBC. Email scams were also popular, with 26,000 being shut down after netizens flooded the NCSC's email reporting portal with complaints of four million suspicious messages.

The NCSC also highlighted how one host in particular had featured in its takedowns of phishing sites this year: Namecheap.

UK-themed phishing sites, and hosted a 28.8 per cent share of known UK government-themed phishing sites; the second biggest harbourer of such scams last year, GoDaddy, KO'd them within about 37 hours and had an 11.2 per cent share.

"Looking specifically at the number of campaigns hosted by NameCheap against its monthly median attack availability, we see that by mid-year the median takedown times were consistently in excess of 60 hours," said the NCSC report's author, who also added that by December 2020 a full 60 per cent of gov.

"This" said the NCSC, referring to the takedown times increasing, "Undoubtedly made NameCheap an attractive proposition to host phishing and may explain the rise in monthly hosted campaigns that followed for UK government-themed phishing."

News URL

https://go.theregister.com/feed/www.theregister.com/2021/05/10/ncsc_active_cyber_defence_report/

#phishing #report #UK