Is the NCSC fit for purpose
Every serious fraud attempt I receive, is forwarded to "report@phishing....". Today I reported 5 fraud attempts and every report was rejected by the .gov host. There were no attachments (regularly used to slip malware into the receivers equipment) , so there was no reason for the government department to reject it. The average rejection rate is 40%, 2 reports out of 5 are rejected. I will continue to waste my time to make out these reports in the hope that there are operatives in the NCSC care about .the impact on the general public and businesses, not just how much money they can get away with, doing as little as possible. I am now, saving all the rejected reports as well as the accepted ones.
If the National Cyber Security Centre has a role in the fight to stop the £100b amount of annual fraud that has catastrophic consequences on the pubic and businesses, then they have to take our reports seriously. I do not report soft phishing attempts, only ones that contain menacing rhetoric and impersonation of legitimate businesses. If we allow this criminality to prevail then all, confidence in our information technology and financial organisations will be lost. Will the NCSC step up and carry out the work necessary to stop the criminals? The amount of money lost to the fraudsters would easily underwrite a more determined initiative that may or may not be the NCSC. It seems a common issue with government departments which is given a task but fails miserably.
The £100b of fraud should be enough motivation to act against fraudsters, perhaps the NCSC does not have the skills or inclination? Remember "Action Fraud" a totally wasted opportunity to prevent crime.








