Ransomware Taskforce (RTF) announce framework to combat ransomware

The National Cyber Security Centre's international partners are crucial to their ability to defend the UK against the proliferation of threats we face. The Ransomware Task Force (RTF) is a US-led team convened in early 2021 with participants from governments, software firms, cyber security vendors, non-profit and academic institutions from across the world, which includes the NCSC and National Crime Agency (NCA). Recently, a new framework published by the RTF highlights the power of collaboration to address widespread cyber threats.

NCA on Ransomware Task Force
Pupils in north London crowned champions of the NCSC cyber contest for girls

Four pupils from Highgate School in north London have been crowned the winners of the 2021 CyberFirst Girls Competition run by the NCSC, triumphing over more than 6,500 rivals. The first ever virtual final saw ten teams from England, Ireland, Scotland and Wales apply their knowledge in cryptography, logic and networking to complete tasks based on a fictional scenario where Internet of Things devices were infected with malware.

Cyber-attack hackers threaten to share US police informant data

Russian-speaking ransomware group Babuk has targeted Washington DC’s Metropolitan Police Department and is allegedly threatening to leak the sensitive data of police informants if no contact was made within 3 days. AP news agency reported that the criminal group stated that they had downloaded a “significant amount of information” from the police’s internal network. Screenshots shared by Babuk on the dark web, and subsequently through social media, implies that the group has also gained access to information involving intelligence reports and criminal gang activity.

Microsoft Office SharePoint Targeted With High-Risk Phish, Ransomware Attacks

Microsoft SharePoint servers are being targeted by a dangerous and convincing phishing campaign and pursued by a ransomware group who are utilising a historic bug.

The phishing messages are masked with a Microsoft Office SharePoint theme that allows it to bypass security email gateways. The messages claim that they require an email signature and is equipped with bogus a hyperlink.

FluBot: Guidance for ‘package delivery’ text message scam

A novel spyware dubbed ‘FluBot’ has recently emerged and is affecting Android devices across the UK. As a result, the NCSC has released guidance regarding how to deal with and protect yourself against this threat.

The FluBot spyware is being delivered by text messages masquerading as ‘parcel delivery’ messages, along with the message is a prompt to download a tracking app to aid a ‘missed delivery’. The spyware is installed when a victim receives one of these malicious texts and downloads the app that is, in fact, the spyware that aims to steal sensitive information and passwords as well as access your personal contacts to send out more malicious text messages - thus spreading the spyware further.

While Apple users and devices are not currently thought to be at risk if they receive the fraudulent text, they may still be directed to a scam site that has the potential to steal data and personal information.
If you believe you have received a malicious message you should:
  • NOT click any links within the message or install anything, if prompted to.
  • Forward the message to 7726 which is a free of charge spam reporting service that allows the provider to investigate the origin of the text.
  • Delete the message - do not reply.
Currently, these scam messages are claiming to be from DHL delivery. If you are expecting a parcel, it is best practice to go to the website directly to track your delivery. It is important to note that while it appears these malicious texts originate from a fake DHL sender, cyber criminals are constantly evolving their scams so be wary unexpected of texts from other sources.
If you believe you have already clicked the link to download the malicious app then:
DO NOT enter your password or log into any of your accounts until the below steps are completed. To clean your device you need to:
  1. Perform a factory reset as soon as you can. You can find information on how to do so at:
  2. If your device asks whether you want to restore from back up avoid doing this as backups created after the installation of the app may also be infected.
  3. Protect you accounts by changing the passwords of accounts accessed after the download of the app and any other accounts with the same password/

Telegram Platform Abused in ‘ToxicEye’ Malware Campaigns

New research has uncovered that malicious actors are abusing the popular messaging app Telegram by inserting its code inside a Remote Access Trojan (RAT) known as ToxicEye. A machine infected with the ToxicEye malware can be operated through a hacker controlled Telegram account, the malware can then install ransomware, take over file systems and access data.
Why iOS 14.5 is Apple’s biggest privacy update yet

Apple’s new iOS 14.5 code will grant users new control over the ways their apps track them. For the first time, users will have the option to opt in or out to allow their downloaded applications to track their activity. However, the biggest change the update will offer is to the App Tracking Transparency involving the Identifier for Advertisers (IDFA).
Hackers Inject Malware Into Widely-Used Password Management App

The popular password management app known as Passwordstate has fallen victim to hackers who are injecting malware into the applications update system. The breach took place between the 20th and 22nd of April, during that time the malicious actors implemented “sophisticated techniques” in order to insert the malware amongst real updates.
1 Million Android Mobiles Hacked by Fraudsters to Watch Smart TV Ads

Cyber criminals have infected more than 1 million Android mobile phones with malicious software that allows them to rack up fake views on ads in order to gain profit for the malicious ad developer in a highly sophisticated fraud campaign.  
What can we offer you?
Get in Touch
Click here to subscribe to the Cyber Crime Sentinel Newsletter!

SME Inputs 

Join our monthly online webinars aimed specifically at Small and Medium-sized Enterprises to discover what cyber threats could potentially impact your business and get the latest advice and cyber awareness training for all staff. To register visit:

Protect Officers from West Midlands Regional Cyber Crime Unit and West Midlands Police Economic Crime Unit are teaming up to deliver protect advice to businesses who are at risk of the constant evolving threats that fraud and cyber crime pose. To register visit:

Cyber Security Awareness Webinars: Schools and Education

Join our online webinar aimed at schools and educational organisations and discover how cyber attacks and ransomware are being used to target them. Get the latest advice and cyber awareness training for all staff.

Please note: All participants are screened before being invited to the event. Please use your corporate email address when registering.

Cyber Choices: Virtual School and Education Events

Join our online webinars aimed at schools and educational organisations for advice and support on how we can help young people make informed cyber choices and use their cyber skills in a legal way.

Please note: All participants are screened before being invited to the event. Please use your corporate school email address when registering.

UK Education and Childcare Sector Alert and Resources

The National Cyber Security Centre has released the following guidance to schools - Cyber Security for Schools.  This page houses free resources for everyone working with schools. The education sector has recently been affected by a number of cyber incidents. 

Alert: Further targeted ransomware attacks on the UK education sector by cyber criminals

Support for UK education sector after growth in cyber attacks

New NCSC guidance aimed at the UK Early Years education and Childcare sector
The new guidance, produced in association with key stakeholders in the Early Years sector, will help organisations protect the growing amounts of sensitive information held on children and their families, from both accidental damage or from online criminals.

Get in touch with us if your school or organisation would like support with staff training. 

If you think you may have been the victim of fraud or cybercrime and incurred a financial loss or have been hacked as a result of responding to a phishing message, you should report this to Action Fraud 

Spotted a suspicious email? If you have received an email which you’re not quite sure about, forward it to the Suspicious Email Reporting Service (SERS):

Alternatively you can call 0300 123 2040
to report and obtain advice about fraud or cyber crime
Our lives are relying on technology more every day. Join us each week for your bitesize cybersecurity podcast. In this increasingly technical world we deliver non-technical cyber news, and identify the current threats we’re facing.

Our colleagues in the West Midlands Police Economic Crime Unit also produce cyber and fraud focused business newsletters. If you wish to subscribe to their newsletter, please e-mail  - 


The WMCRC work with local Universities and Police forces in Staffordshire, West Midlands, West Mercia and Warwickshire to provide you access to the latest information on emerging cyber threats, criminal trends and best practice to protect your business.
Apple Podcast
Copyright © 2021 West Midlands Regional Cyber Crime Unit, All rights reserved.

Want to change how you receive these emails?
You can update your preferences or unsubscribe from this list.

Email Marketing Powered by Mailchimp