Regional Cyber Briefing

Current Threats

Web skimming malware
Criminals will exploit a vulnerability in software used at the checkout page on shopping sites to divert payments and steal details of unsuspecting customers.

This technique can be incredibly difficult to detect for both user and vendor. Web pages will often look and function the same to the user, it's only in the background that attackers are diverting payments and stealing data. 
> Advice
The NCSC have notified over 4,000 small business sites whose customers' payment details were being stolen. The centre's experts reveal that hackers are exploiting a vulnerability in popular e-commerce software, and are urging SMEs to update software to avoid financial and reputational damage.

The majority of online shops used for skimming identified by the NCSC had been compromised via a known vulnerability in Magento, a popular e-commerce platform.

For more information and protective advice please see this NCSC guidance.
Shopping online safely
New data from Action Fraud revealed that 28,049 victims lost a total of £15.4m to online shopping fraud during last year's festive shopping season. 

With Black Friday and Cyber Monday quickly approaching, fake websites and phishing emails promising truly 'unbelievable' offers are likely to be rampant. We all heavily rely on shopping online to stuff our stockings, and criminals will be looking to exploit this.

We're a strong believer in reinforcing secure behaviours not just in the workplace, but outside of it too. This is an opportunity for organisations to look after their employees by making sure they're aware of scams, whilst also developing their overall resilience to cyber attacks, which will serve them at work too.

It's also worth recognising that remote working is still the norm for a lot of us, and this looks set to continue into the future. In this 'safe' environment, we might be more willing to let our guard down. We all have our own levers, and all it takes is one well crafted and timely phishing attack to cause some real problems.

With this in mind, use the guidance in the article linked below to keep you, your loved ones, and your colleagues safe in the run up to Christmas and beyond! 
> Advice
Action Fraud have released a warning to the public urging them to be aware of scammers' tactics. This warning covers the steps that you can take to protect yourself, and what to do if you become a victim.
Business Email Compromise (BEC)
BEC is a form of targeted phishing where criminals attempt to trick staff into transferring funds, or revealing sensitive information. 

We were recently made aware of an organisation who had a legitimate email account compromised, which was then used to send phishing emails claiming that members of the organisation were eligible to receive financial support in response to the pandemic. The email contained a link which directed staff to a fake page, requesting that they supply bank details and staff information, which if given could lead to financial and identity fraud concerns.

In this circumstance the lure was financial support, but there are countless variations of different 'hooks' aiming to get staff to engage in some way. It could be employee benefit schemes, it could be salary raises, bonuses, or something not financially related. 
> Advice
Defending against these types of phishing attacks requires that organisations have in place adequate technical controls to prevent malicious software infections, secure business processes around verifying financial transactions, and frequent training and communications around identifying/reporting incidents.

The NCSC's phishing guidance is a fantastic resource which can help organisations defend themselves against these types of attacks.

If you are concerned about your organisation's ability to deal with an attack involving phishing, or you think you would benefit from a dedicated input, please get in touch and we can run workshops which focus on these types of attacks, such as those sessions found on our website.
> Reporting
If you think you have been a victim of cyber crime, please report the incident to Action Fraud via phone (0300 123 2040) or website at

If you've received a suspicious email, please forward it to the NCSC's Suspicious Email Reporting Service (SERS) at ''. More information, including advice on how to protect yourself against phishing, can be found on the NCSC website.


South West 'CiSPmas' Virtual Networking, Thu 9th Dec
This is a dedicated networking event for members of CiSP, which is an NCSC run intelligence sharing platform for anyone responsible for the cyber security of a UK organisation.

Although this may not be relevant for you directly, if this could be of interest to an IT professional within your organisation, we would appreciate if you could raise awareness of this event to them.

Event details, including how to register, are on our SW CiSP node. If you are interested in attending the event, but aren't currently signed up to the platform, find out more about joining CiSP on the NCSC website.
NFIB business focused webinar, Tue 14th Dec
Action Fraud is putting on a webinar to give an insight into the workings of the National Fraud Intelligence Bureau and Action Fraud as jointly hosted by the City of London Police. The focus of this session is on professional reports, fraud analysis and understanding the victim journey.

Whether it's the business themselves or their customer or client that are the victims, this session aims to give the attendee an understanding of what goes on after a report is made to Action Fraud and an overview of the various departments that sit within the National Fraud Intelligence Bureau. You can sign up using the Eventbrite link below.

Tue 14th Dec, 13:50:


Six million Sky routers had serious security flaw
The software bug has been fixed - but researchers say it took Sky 18 months to address. The vulnerability, that could have allowed hackers to take over home networks, could have affected anyone who had not changed the router's default admin password. Read more via BBC
New plans to boost cyber security of UK's digital supply chains
IT service providers could be required to follow new cyber security rules such as the NCSC's Cyber Assessment Framework as part of new proposals to help British businesses manage the growing cyber threat.

Other plans to protect the country’s digital supply chains include new procurement rules to ensure the public sector buys services from firms with good cyber security and plans for improved advice and guidance campaigns to help businesses manage security risks. Read more via GOV.UK
Subscribe to this mailing list
Copyright © 2021 SW Regional Cyber Crime Unit, All rights reserved.

Want to change how you receive these emails?
You can
update your preferences or unsubscribe from this list.

Email Marketing Powered by Mailchimp