Skip to main content

NameCheap named top phishing site hosting pick by NCSC

Phishing is a cybercrime used to lure individuals into handing over sensitive data to someone posing as a legitimate institution
(Image credit: Shutterstock / DRogatnev)
Audio player loading…

Domain registrar (opens in new tab) NameCheap was crowned the most popular host of UK government-themed phishing sites during 2020 after the National Cyber Security Centre (NCSC) reported it hosted around 60% of such illicit sites last year.

The NCSC report (opens in new tab) also discovered that not only did NameCheap (opens in new tab) host a 28.8% share of known UK government-themed phishing (opens in new tab) sites, it also took an average of 47 hours to disable gov.UK-themed phishing sites too.

NameCheap's takedown time was one of the main reasons why the company was an attractive proposition to host phishing, with the NCSC predicting that this may have been the reason behind the rise in monthly hosted campaigns that followed for UK government-themed phishing.

TechRadar Pro reached out to NameCheap for a comment and the company said: "Fighting fraud and abuse is a constant focus for online service providers, globally. Since the start of the Covid-19 pandemic, Namecheap has seen a 100% increase in the amount of fraud and abuse cases reported to us. This is on top of the cases we identify and take action against ourselves, the number of which has also increased tenfold. Namecheap investigates every one of these reported cases and takes action wherever abuse can be verified.

"In our ongoing battle to fight fraud and abuse cases, we work closely with our colleagues in law enforcement. This includes the NCSC in the UK, with whom we have a direct reporting line to communicate suspected fraud and abuse cases. Each case reported receives a prompt and thorough investigation, and where appropriate we take immediate action. We have worked closely alongside the NCSC for a number of years and were commended by them in 2020 for our assistance.

"However, despite this, we recognize that more can always be done. In 2020 we rolled out unique AI technology designed to prevent domains and websites using Covid-19-related terminology from being used for abuse across our systems. In 2021, we expanded this to cover certain scams involving the Royal Mail. Our partnership with Netcraft will also further strengthen our fight against these fraudsters. In addition to these efforts, we have expanded our team and continue to work diligently to bring our response time down, having reduced our response time to less than 24 hours.”

Widespread phishing

Domain registrar and web hosting firm GoDaddy (opens in new tab) was right behind NameCheap as it reportedly hosted a 15.7% share of UK government styled phishing sites and took an average of 29 hours to remove these phishing sites.

The top most targeted brands of UK government-themed phishing attacks were HMRC with 22,148 URL attacks in 2020 and generic gov.uk that saw over 16,000 URL attacks in the same year.

In 2020, there were 122 phishing campaigns which used NHS branding, and by December 2020, the NCSC said it saw the first campaign that used the COVID-19 NHS vaccine rollout as the lure.

In terms of progress though, the NCSC found that 700,595 campaigns (1,448,214 URLs) were taken down in 2020, which is a fifteen-fold increase in campaign takedowns on the figure for 2019 (45,603 campaigns and 192,256 URLs). 

In 2020, the NCSC boasted the removal of 11,286 UK government (opens in new tab) phishing campaigns, a total of 59,435 URLs. These attacks were hosted all over the world and the median availability of these attacks was 21 hours, with 52% taken down within 24 hours of discovery.

Via The Register (opens in new tab)

Abigail Opiah
B2B Editor - Web hosting & Website builders

Abigail is a B2B Editor that specializes in web hosting and website builder news, features and reviews at TechRadar Pro. She has been a B2B journalist for more than five years covering a wide range of topics in the technology sector from colocation and cloud to data centers and telecommunications. As a B2B web hosting and website builder editor, Abigail also writes how-to guides and deals for the sector, keeping up to date with the latest trends in the hosting industry. Abigail is also extremely keen on commissioning contributed content from experts in the web hosting and website builder field.