Savvy Brits have reported over 10.5 million suspicious emails to the UK’s cyber experts, resulting in the take down of 76,000 online scams. Scams related to the NHS, online delivery companies, cryptocurrency investments and more have all been stamped out thanks to public reports to the National Cyber Security Centre, which is a part of GCHQ.

Opportunistic criminals have taken advantage of more people using digital devices than ever before with scams that can lead to accounts being hacked. Last year saw a 161% increase in unauthorised access to personal information offences – including hacking.

In response, a major government campaign has been launched across broadcast, online and almost 2,000 billboard adverts to publicise actionable advice on defending digital assets.

The eye-catching campaign recommends that people and small businesses use passwords made up of three random words and enable two-step verification (2SV). This will help keep out anyone who should not have access to an account, by requiring a second step after the password is entered, such as a code texted to the account holder’s phone.

In line with Cyber Aware’s advice, many email providers are now encouraging their customers to use 2SV. Several online services such as those provided by HMRC also now ask their users to follow the Cyber Aware password advice.

“The British public’s response to our Suspicious Email Reporting Service has been incredible and led to the removal of thousands of online scams,” said NCSC Chief Executive Lindy Cameron. “But there is even more we can do and by following our Cyber Aware steps to secure online accounts – starting with email – people will dramatically reduce risks including financial losses and personal data breaches. We all have a role to play in our collective cyber security and I urge everyone to follow our Cyber Aware advice to make life even harder for the scammers.” 

“Online scams and fake ads target us all and we’re determined to stamp them out. Everyone can help contribute to the country’s cyber security by being vigilant, reporting suspicious communications, and using secure methods to safeguard accounts,” said Chancellor of the Duchy of Lancaster, Steve Barclay. “I urge everyone to check out the National Cyber Security Centre’s website which has some great advice on how to protect yourself online, including enabling two-step verification and using passwords with three random words.”

“I am determined that we do all we can to put an end to cyber crime and stop criminals who exploit our vulnerabilities online,” said Home Secretary Priti Patel. “It’s particularly important at times of heightened international tension that we are all vigilant to the risk of cyber security breaches and follow the simple steps set out in the Cyber Aware campaign.”

Using three random words allows people to set passwords that are unique, strong enough and easier to remember. Enabling two-step verification significantly decreases the likelihood of an account being hacked. Stealing a password can be simple – stealing a password and a device used to authenticate a login is much harder.

Cyber Aware is a cross-government campaign delivered by the NCSC, Home Office, Cabinet Office and Department for Digital, Culture, Media, and Sport as well as law enforcement.

Launched in April 2020, the Suspicious Email Reporting Service helps the NCSC remove scam URLs and HMG and policing identify new trends and patterns in phishing emails to take appropriate action. Individuals are encouraged to continue reporting suspicious emails by forwarding them to [email protected].

People who have lost money to a scam should tell their bank and report it as a crime to Action Fraud (for England, Wales and Northern Ireland) or Police Scotland (for Scotland).

Advertisements across radio, social media, and outdoor billboards, encouraging citizens to strengthen their email passwords by basing them on three random words, and further securing their email by enabling two step verification run from now until May 2022.