To ask Her Majesty's Government what plans they have to enable operators of the Suspicious Email Reporting Service (SERS) to respond to individuals forwarding suspicious phishing emails to the service to confirm (1) the outcome of their investigations, (2) the actions taken, and which (a) phone numbers, (b) email addresses, and (c) web pages have been blocked as a result.
28 April 2021
The Suspicious Email Reporting Service (SERS) was launched by the NCSC in April 2020 and allows anyone who suspects an email, text or other form of communication to report it to firstname.lastname@example.org or forward a text to 7726, free of charge. As of 31st March 2021, over 5,500,000 reports have been received from the public, leading to the removal of over 41,000 scams and 81,000 URLs.
The NCSC analyses the suspect email and any websites it links to and also use any additional information provided to look for and monitor suspicious activity. If any activity is discovered that they believe is malicious, they may:
- seek to block the address the email came from, so it can no longer send emails;
- work with hosting companies to remove links to malicious websites;
- raise awareness of commonly reported suspicious emails and methods used (via partners).
Every report receives an automated email response. While the NCSC is unable to inform the reporter of the outcome of its review, they do act upon every message received.
The automated response also states that SERS is not to be used to report a crime. If a person thinks they have been a victim of fraud or cyber crime, it is important that they should report this to Action Fraud (in England, Wales and Northern Ireland) and Police Scotland (in Scotland). Reports received are analysed by the National Fraud Intelligence Bureau and, where there is sufficient evidence, disseminated to an appropriate force for investigation. Action Fraud, as part of this process, also has the means to direct victims to specialist support organisations.