UK Minister praises GSE’s ‘significant progress’ as Industry Accord signed in Vienna names platform alongside Google, Meta, Amazon and Microsoft
The Global Signal Exchange (GSE) has published a case study showing how 87 email addresses and 4 URLs shared by the UK’s National Crime Agency led to the identification and disruption of nearly 50,000 fraudulent accounts and more than 5,000 fake websites – the latest evidence of what its founders describe as the platform’s multiplier effect.
Working through the GSE, Google’s Trust & Safety team analysed a batch of URLs and email addresses submitted by the NCA, identifying a cluster of Gmail accounts linked to an organised criminal network operating out of West Africa. The accounts were running multiple fraud types simultaneously – advanced payment fraud, extortion, invoice fraud and government impersonation. Google’s Cybercrime Investigation Group has since submitted a criminal referral to the NCA, which is working with local law enforcement in West Africa to pursue suspects.
The case study illustrates the step-change the GSE delivers over traditional content reporting. Rather than the conventional one-signal, one-takedown model, the platform allows signals to be shared across multiple organisations at once, enabling parallel investigations and deeper analysis. In this instance, four URLs and 87 email addresses unlocked a network of close to 50,000 accounts and 5,000 cloned bank websites, making connections that had not been made before.
The publication of the case study coincides with the release of GSE Platform 2.5.0, which introduces GSE Compass – an AI-native, chat-based interface that allows analysts to interrogate the platform’s open DNS signal data in natural language. The new tool is designed to empower a wider range of partners to interrogate the GSE’s 1 bn+ data set and derive immediate insights, without specialist technical knowledge.
The momentum behind the Global Signal Exchange has been building internationally. At the UNODC Global Fraud Summit in Vienna in March, the GSE was formally named in the summit’s Industry Accord – signed by Google, Meta, Amazon and Microsoft – as a designated platform for real-time threat intelligence sharing across borders. Separately, the UK government’s Online Advertising Taskforce Progress Report, published the same week, included a written ministerial response from Creative Industries Minister Ian Murray, who praised the GSE malvertising pilot’s “significant progress in removing barriers to cross-platform information sharing”.
“What the NCA case study shows is that the GSE is no longer a concept – it is operational infrastructure,” said Emily Taylor, CEO of OXIL, which owns and manages the non-profit GSE. “We are seeing real enforcement outcomes: accounts disabled, criminal referrals made and supply chain weaknesses being designed-out. The next stage is extending that into the financial sector, where GSE can make a significant difference in encouraging a progressive approach to data sharing in the collective fight back against the scammers and bad actors. To this end, we are currently in positive discussions with a number of major banks and global payments brands.”
“The Vienna summit also made clear that the old model of bilateral notice-and-takedown is not equal to the scale of the problem,” said Lucien Taylor, co-founder of OXIL. “What we need – and what the GSE is building – is a proactive, ecosystem-wide response. That means more regions, more sectors and more partners sharing signals in close to real time. We are in Asia this month to advance exactly that conversation on a global scale.”