For the first time ever UK email users are being asked to forward messages they believe might be connected to fraud or phishing directly to the police for as a way of gathering realtime data on criminal threats.
From 25 February, a new service run by the National Fraud Intelligence Bureau (NFIB) has been active to receive such emails, complimenting the in-depth online reporting service already in existence for people who think they have become victims of online and offline scams.
The address for the service is firstname.lastname@example.org and all possible scam emails can be sent to it, including stock 419 scams, phishing emails, and even mass pharmaceutical spam of the type that fills inboxes up and down the land.
The police want to see as many examples as possible and for a good reason. Current spam analysis systems reply on spam sinks, basically accounts on servers set up to receive spam. But from a policing point of view this has the flaw of lacking visibility on the threats that are getting through the layers of filters employed by ISPs and users themselves to reach real people.
"This is the first time we have been able to collect and analyse scam mail and emails in this way. Collecting intelligence is the key to us being able to disrupt the activities of fraudsters and target their networks for closure," said National Fraud Authority (NFA) CEO, Dr Bernard Herdan.
The web of organisations involved in this area can be slightly confusing to the unacquainted. In addition to the NFIB which collects scam email data, the site used to get information on and report fraud events is Action Fraud, which in turn is run by the NFA.
The body that investigates such crimes from a policing perspective is the Police Central e-crime Unit (PCeU), which might in some cases pass on data to the Serious Organised Crime Office (SOCA). Rounding this all off is the Get Safe Online, a government-private sector partnership that replicates some of what Action Fraud does.