58% increase in companies affected by BEC attacks

Data from Lloyds Bank has revealed a 58% increase in BEC (business email compromise) attacks in the year to date. It is important to note that the “true scale of the problem is likely to be much larger” as this is only reported fraud.

Key findings

  • The average loss to a commercial customer is £27,000.
  • One in five victims has had to make redundancies because of the financial impact.
  • Employees in law firms have been identified as the most inclined to fall victim (19%), closely followed by those in HR and IT (both 17%), and finance (16%).
  • 53% of those surveyed said that they had experienced scammers impersonating their boss.
  • 52% said that had experienced scammers posing as suppliers.
  • 37% of employees admitted that they didn’t know what to look out for in a fraudulent email or didn’t have any security measures in place.
  • Only 20% of victims said that they think twice when receiving requests at work.

This lack of awareness is a concern. Even basic training offers the potential to prevent employees from falling victim to phishing attacks.

Gareth Oakley, managing director of business banking at Lloyds Bank, said:

The rise of impersonation fraud is a very concerning issue for small and medium-sized businesses. We know that falling victim to these types of scams can be serious as the impact extends beyond just the financial implications.

Falling victim to a phishing attack can have a negative impact on employee wellbeing. 15% admitted feeling angry after an attack and 8% said that they couldn’t trust people close to them. Shockingly, 5% of impersonation fraud victims were so ashamed that they didn’t inform their team of their mistake. Hiding a mistake like this could cause further problems and much more damage.

Don’t take the risk – educate your staff

Staff awareness training should be your primary defence strategy against phishing attacks. No matter what technological defences you have in place, malicious emails will slip through, and when that happens, the only thing standing between cyber criminals and your organisation’s sensitive information is your employees’ ability to spot the scam.

Our Phishing Staff Awareness Course shows you and your employees exactly what to do in that situation. We break down how phishing emails work, how to spot them, what you should do when you receive one and what happens when people fall victim.

Ensure your staff are engaged with your phishing awareness measures with our Phishing Awareness Posters. These can be displayed around key locations in your office to reinforce security awareness in the workplace.

Take action now >>