Cyber fraud in the UK totalled £124 million last year, according to a new report by KPMG.
The firm’s Fraud Barometer reported a 1,266% rise on 2015’s figures, an increase largely accounted for by a £113 million boiler-room scam involving 750 victims. Criminals cold-called people while posing as the security department of banks, tricking them into handing over bank details.
Large- and small-scale fraud
KMPG’s Fraud Barometer mostly focuses on multi-million pound cases, but cyber crime exists on both a large- and small-scale basis.
The £113 million scam was described by KPMG as a sophisticated operation that ran “like a nine-to-five business”, but many scams don’t have these resources. While some are industrial in scale, others are street-corner operations that security experts fear are attracting unskilled criminals.
Ilia Kolochenko, CEO of web security firm High-Tech Bridge, commented: “What is particularly alarming is the rise of small online fraud committed by teenagers and people with almost no technical skills.”
Employees ‘give away the keys’
Both public and private organisations openly acknowledge that cyber attacks are widespread and “high-impact risks”, KPMG’s UK forensic partner, Hitesh N Patel, said in the report, but many run on the basis that ‘it won’t happen to me’.
Patel urged organisations to stay abreast of cyber threats, both physical and digital, to ensure that protection measures don’t become obsolete. He also noted the importance of being aware of phishing attacks: “You can have [a] variety of IT protections in place, but it’s all for nothing if you are tricked into giving away the keys to the electronic vault.”
Your biggest security threat is your own employees
Whatever your line of business, phishing is a threat you need to take seriously. If one of your employees mistakenly opens a phishing email, your entire corporate network could be put at risk.
IT Governance’s Phishing Staff Awareness Course educates staff on the risks of spoof emails, enabling you to help your team understand how phishing works, what tactics cyber criminals employ, and how to spot and avoid phishing campaigns.
We also offer a Simulated Phishing Attack, which enables you to identify potential vulnerabilities among your employees and provides recommendations to improve your security.