Britain’s cyber defences are repelling millions of attacks every month as criminals pump out huge numbers of fake government websites and emails.
The vast scale of activity emerged as security chiefs revealed the impact of a drive to improve the UK’s ability to thwart attempted online scams.
Figures compiled by the National Cyber Security Centre (NCSC) show 4.5 million malicious emails purporting to be sent from government or public sector bodies were being blocked each month on average – or 54 million a year.
Spoof emails are designed to fool citizens into believing they have come from a trusted source so they hand over passwords or personal data.
A breakdown of agencies featuring in the most fake emails shows criminals are persistently trying to spoof local councils, as well as national organisations such as the NHS and HMRC.
The study said: “We have seen the number of messages spoofed from an @gov.uk address fall consistently over 2017, suggesting that criminals are moving away from using them as fewer and fewer of them are delivered to end users.”
Programmes to reduce the threat from cyber crime were drawn up by experts at the NCSC, which was launched in November 2016 and is part of intelligence agency GCHQ.
The assessment of the Active Cyber Defence (ACD) scheme published on Monday also showed that more than 120,000 unique phishing sites hosted in the UK were removed last year.
Phishing involves mass emails, sent to large numbers of people, that ask for sensitive information such as bank details or encourage recipients to visit a fake website.
In 2017, the NCSC took down 18,067 phishing sites pretending to be a UK government brand.
HMRC was the most commonly spoofed organisation, with 16,064 fake websites removed.
Bogus sites were also set up in the names of agencies including the DVLA, Student Loans Company and Crown Prosecution Service.
While the volume of global phishing has gone up significantly over the last 18 months, the share hosted in the UK has reduced from 5.5% to 2.9%, according to the report.
NCSC technical director Dr Ian Levy said: “The ACD programme intends to increase our cyber adversaries’ risk and reduces their return on investment to protect the majority of people in the UK from cyber attacks.
“The results we have published today are positive, but there is a lot more work to be done.
“The successes we have had in our first year will cause attackers to change their behaviour and we will need to adapt.
“Our measures seem to already be having a great security benefit – we now need to incentivise others to do similar things to scale up the benefits to best protect the UK from commodity cyber attacks in a measurable way.”
He added: “This report shows that simple things, done at scale, can have a positive and measurable effect and the British UK public should be safer as a result of these measures.
“As these measures are scaled up, people should be asked less often to do impossible things, like judge whether an email or website is good or bad.”