UK’s NCSC unveils new guidance to help fight phishing scams

The UK’s National Cyber Security Center (NCSC) has published new guidance for companies to follow when speaking with customers through phone calls or SMS.

According to Bleeping Computer, the goal of the new guidance is to make it harder for scammers to trick the public and lead users to phishing sites.

The NCSC has called on companies to do their part in protecting consumers and tackling the rising threat of scams – with an easy way to do this is by making legitimate and fraudulent communications easier to distinguish.

The organisation recommended that when companies use SMS to communicate with an audience, they follow a set of guidelines. These include using a five-digit number instead of a regular phone number, use a SenderID that appears in place of the sending number to indicate that the sender is trustworthy, use the same SenderID consistently across all communications, try not to include web links in SMS and use as few SMS distribution providers as possible as well as auditing all messages to validate the content.

When calling customers, the NCSC has called on businesses to urge customers to call them instead and provide information on how to do it on the official site. In addition, firms should ensure that the service providers aren’t routing calls to overseas and ensure the providers have enabled anti-porting measures.

Companies should also make sure that the service providers are following the ‘general conditions of entitlement’ and are maintaining consistency by using the same numbers to call people. They should also add numbers used only for call reception to the ‘do not originate’ list and provide a way and guidance for customers to report scams.

Copyright © 2022 FinTech Global

Enjoying the stories?

Subscribe to our daily FinTech newsletter and get the latest industry news & research


The following investor(s) were tagged in this article.