Latest newsletter from the South West Regional Cyber Crime Unit

We have had a report that criminals are using our name in a phone scam. The report is that criminals are pretending to be from the South West Regional Cyber Crime Unit, and calling people using an automated message that says their internet has been compromised and will be shut down within 24 hours, and if they want to speak to the technical team they should ‘press 1’.

This is a scam, if you do receive a call like this, hang up the phone immediately.

The South West Regional Cyber Crime Unit do not operate an automated call service. If we do contact you, we will provide you with a way of verifying that it is us, such as a collar number which you can then give to a 101 call handler if you need to confirm the caller’s identity.

If you are concerned that you have been a victim of this or any other type of cyber crime, report to Action Fraud on 0300 123 2040, or online at

For advice on protecting yourself against this type of scam, visit the Take Five campaign website at

Current threats

Business Email Compromise (BEC)

A targeted form of phishing where criminals impersonate senior executives, or departmental authority figures, in order to get others to transfer funds or sensitive information to the imposter.

BEC can happen in different ways, but generally speaking a criminal will either hack into an executives email account, or they will ‘spoof’ the account (i.e. email from a lookalike account which is very similar to the original account). If an email has been spoofed then email filters may be able to help prevent these from reaching employees.

If an account has been hacked, then this is much harder to combat, as requests are coming from a legitimate account so detection software won’t be much help. This type of BEC allows a criminal the opportunity to directly alter invoice attachments, and even set up rules which will redirect emails into folders to cover up their tracks.


  • Check all correspondence and documents for inconsistencies in spelling, grammar, content, and for signs of social engineering. These include urgency, authority, intimidation or emotional appeals. If something doesn’t feel right, Take Five to think about whether it is a legitimate request.
  • Educate and train staff to defend against Phishing attacks – see the NCSC’s guide on this at . This guidance also includes information for IT staff on configuring email filters effectively, which can counter certain types of BEC.
  • Minimise the amount of sensitive data available online about your organisation. Criminals will use any data that they can to make their phishing attempts more credible. For example, are your suppliers referred to on your website? Do your employees advertise their job title and other sensitive data via social media?
  • Agree secure processes between employees internally and externally for your organisation to confirm certain purchases. For example, calling to double check when a change in payment details is requested, or contacting suppliers through separate channels to confirm orders etc.
  • Install and frequently update antivirus and anti-malware software to protect against malicious software looking to compromise email accounts.
  • Every Report Matters – if you have been a victim of fraud or cyber crime, report it to Action Fraud (either online at or call 0300 123 2040).

Useful Links

NCSC Black Friday CyberChat
Not sure how to securely set up your devices? Wondering about how to create the ultimate password? This Friday the NCSC’s Twitter account (@NCSC) will be hosting a Q&A, so get your questions in beforehand using #cyberchat.

Cyber Essentials
Cyber Essentials is a government backed scheme which helps to ensure that your organisation is protected against the most common cyber threats. Find out more about the scheme at