New figures from Get Safe Online and Action Fraud released today show that from March 2015 to March 2016, £1,079,447,765 was reported lost by businesses to online crime.
This comes as Action Fraud saw a 22 percent increase from 30,475 online crimes reported in 2014 to 2015, to 37,070 in the last year which highlights online crime becoming an increasing threat for businesses.
On average, each police force in the UK recorded £19,626,323 in losses by businesses in their area. However, the report highlights the true picture could be much higher, as these figures do not take into account the amount potentially lost by businesses who chose not to report online crime to the police for fear of the repercussions.
From these latest statistics, it's evident that businesses need to do more to ensure staff across the board have appropriate online fraud awareness training, so that everyone understands their role in keeping the business secure. A substantial amount of attempted fraud against businesses is successful due to lack of knowledge or sloppy habits by employees.
Commenting on the figures, Robert Capps, VP of business development at NuData Security said: “We're saddened, but not shocked, to see these findings. In this study, the fact that online fraud costs the UK £10.9 billion a year is a sad state of affairs for consumers who can often bear the brunt of the costs (especially with regard to account takeover and new account fraud). It's absolutely no wonder that consumers are pushing back on companies to improve security, holding them accountable for it, yet still wanting to have a good experience going through the gates.”
Capps added: “Financial fraud offers a lucrative source of income for cyber-criminals, totaling £755 million in 2015 in the UK alone. Cyber-criminals have grown in their sophistication, exploiting the human interest factor by posing as banks or suppliers and then duping consumers into revealing their personal details. These scams have also proved effective in targeting commercial organisations, as senior executives are tricked into revealing sensitive information which enables access to a company network.”
The online crimes businesses must watch out for
Delving into the figures, Mandate Fraud is becoming an increasingly worrying issue for businesses. This occurs when a fraudster gets victims to change a direct debit or standing order by pretending to be an organisation a victim makes regular payments to, for example a business supplier or subscription service.
It's an extremely targeted approach, and in the last year, has seen a significant 66 percent increase, with 2,323 reported cases, compared to 1,403 in 2014 to 2015.
Other types of fraud which have spiralled are CEO Fraud – where an employee is tricked into making a payment by means of an email purporting to be from a senior manager – and extortion, where files on a computer or entire network are rendered inaccessible by ransomware until a release fee is paid.
Corporate employee fraud – where employees or ex-employees obtain property or compensation through fraud, or misuse corporate cards and expenses – is also on the rise, with 1,440 cases recorded in 2015 to 2016.
Listed in the top ten most reported crimes by businesses in the last 12 months, fraud is not just an external threat, but can also affect a business from the inside.
It is therefore vital for all businesses to provide their staff with the right tools and training to be able to identify signs of fraud or suspicious activity, before it's too late, as well as having guidelines in place on whistleblowing.
Hacking is an important issue facing businesses. A fraudster can hack into a business's server, an employee's personal computer, or access email/ social media accounts to obtain private information.
In its various forms, hacking is one of the most widely reported types of fraud in the past 12 months, with 1,314 reported cases.
Crimes on the decrease
Although still one of the most widely reported crimes affecting businesses, reports of Cheque, Plastic Card and Online Bank Accounts Fraud (defined as the fraudulent use of a cheque, plastic card or online bank account) decreased by 21 percent in the last year.
These moved from the most reported fraud with 7,114 reports in 2014 to 2015, to number three in this year's most reported online crimes (5,682 cases).
Additionally, 2015 to 2016 reports of other Advanced Fee Frauds have decreased by 37 percent , moving out of the top 10 reported crimes. Other Consumer Non Investment Fraud – whereby victims are shown or test a product that isn't received, is fake, or is stolen – has also decreased by 31 percent.
Tony Neate, CEO of Get Safe Online commented: “These latest figures show the enormous, and quite frankly daunting impact online crime can have on a business, its reputation, its employees and even its continued operation. It also highlights the abundance of ways a business can be targeted, both externally, and from within. To tackle this issue head on, businesses need to review their own skills and knowledge, determine if they need outside help, and then create measures to prevent, detect and respond to potential security threats. It's all about education, and staff must be aware of this plan and trained where necessary.”
Neate added: “With new data regulations in place, we'll see more and more businesses start to report online crime and realise that the right staff training can go a long way to helping prevent this growing problem.”
The City of London Police's commander Chris Greany, the Police national coordinator for economic crime, said: “Businesses are a major target for fraudsters and these figures illustrate the significant rise in Action Fraud reports. The true figure will be much higher and businesses need to take steps as many of these crimes could be prevented. Fraudsters look for soft targets and we can all help protect individuals and business by following the advice at Get Safe Online."