According to the Office for National Statistics (ONS), people are more likely to fall victim to fraud or cyber offences than any other crime.
Almost half of businesses (46%) and a quarter of charities (26%) report having cyber security breaches or attacks in the last 12 months[1] – and one small business in the UK is successfully hacked every 19 seconds.[2]
What is cyber fraud?
Cyber fraud is any crime committed via a computer with the intent to corrupt personal or financial information stored online. The most popular cybercrimes are phishing scams, where a hacker attempts to obtain sensitive or personal information from a computer user, online impersonation and identity theft.
In the year leading up to March 2019, there were over 740,000 crimes reported and a staggering £2.2 billion was lost by victims. 65% of those crimes reported were from businesses and 35% from individuals.[3]
How to avoid cyber fraud: Advice for individuals
Being a victim of fraud can have devastating consequences for individuals, as fraudsters can gain access to all sorts of personal information as well as their bank accounts. Here are some tips to keep your details safe online:
- Make sure your devices all have solid, up-to-date anti-virus security and install a firewall and anti-spyware on your computer.
- Update all your software when prompted to do so as postponing an update can leave you vulnerable.
- Protect all your devices with strong passwords. Try to change them at least every 60 days and don’t use obvious passwords that hackers could work out.
- Cover your webcam when it’s not in use.
- Do not access any sensitive information while connected to unfamiliar WiFi networks.
- Keep a close eye on your finances as it can be difficult to know if fraud has occurred until it is too late. Check bank and credit card statements regularly and your credit rating at least once a year.
- Follow news reports of data breaches for major companies and change any passwords that you have with a company if its security is breached.
- If an email looks unfamiliar to you, do not click any suspicious links or attachments and seek further guidance from your IT Department. If you are unsure, contact the company that the email is supposedly from, to check it is not fake.
- Ensure no critical information is transferred to personal mobile phones and smart devices. Where possible, try to limit any workplace information to devices provided by your business.
Advice for businesses
For businesses too, the impact of a single, successful fraudulent event can have far-reaching implications such as financial loss, loss of intellectual property, and loss of consumer confidence and trust.
Cyber security incidents cost the average small business £25,700 in 2018 in direct costs, such as ransoms paid and hardware replaced, but this is just the beginning. Indirect costs such as damage to reputation, the impact of losing customers and difficulty attracting future customers, remains unmeasured but will surely significantly exceed the direct costs. In the UK, 44% of consumers say they will stop spending with a business for several months in the aftermath of a security breach and 41% say they will never return to that business.[4]
Here are some simple steps that businesses can take to help reduce the chances of your business becoming a victim of cybercrime:
- Back up your data regularly, as this will prevent a significant loss of data that could be business critical. It is recommended to run a daily backup out of working hours.
- Ensure that all workstations have anti-virus protection installed on them to prevent any virus or malware attacks.
- Getting certification in cyber security will not only allow your business to show it complies with cyber security standards but it also acts as a further level of trust to customers and clients that you take their security seriously.
- Educate all levels of the organisation about cyber threats through ongoing training. The National Cyber Security Centre offers free online training for staff.
- Have a formal budgeting process and ensure cyber is a part of all decision making.
- Include intrusion detection and ongoing monitoring on all critical networks.
- Track violations – both successful and thwarted – and generate alerts using both automated monitoring and as a manual log.
- Create a plan for all incidents, from detection and containment to notification and assessment, with specific roles and responsibilities defined, and review it regularly for emerging threats. The Small Business Guide to Response and Recovery helps small to medium sized organisations prepare their response to a cyber-incident and plan their recovery from it.
The UK has strict laws regarding computer crimes. At Harding Evans, our dispute resolution team is highly experienced in dealing with cases like these, including international cases, and can help individuals and businesses who have fallen victim to cyber fraud recover their losses and assets from online fraudulent activity.
Get in touch with our expert team today by calling 01633 244233 or emailing hello@hevans.com
[1] Department for Digital, Culture, Media & Sport – Cyber Security Breaches Survey 2020
[2] Hiscox Cyber and Data Insurance press release, October 2018
[3] Home Office, Understanding the costs of cybercrime, January 2018
[4] PCI Pal research, September 2019