Fraud update 1: current risksFraud update 1: current risksFraud update 1: current risksFraud update 1: current risks
  • Home
  • What We Do
    • Our Membership
    • Charity Community
    • Business Community
    • Future Counter Fraud Community
  • About Us
    • Who We Are
    • Vision & Mission & Values
    • Contact Us
  • Join Us
    • Our Corporate Membership
    • Membership Signup
  • Events & Training
    • Members Events
    • Future Counter Fraud Community Events
    • Charity Events
    • Business Community Events
  • Resources
    • On-demand webinars
    • Reports & Research
    • Helpsheets & Guides
    • Blogs
  • MEMBERS WEBSITE
0

£0.00

✕
            No results See all results
            Published by Fraud Advisory Panel on June 7, 2022
            Categories
            • Business Fraud Watch
            Tags
            Business Fraud Network
            Business Fraud Network

            Tuesday 7 June 2022

            In this update we highlight emerging fraud threats to businesses (especially SMEs) and offer practical advice on prevention. It is based on pooled intelligence shared by members our Business Fraud Network which meets every six weeks.

            We encourage all businesses – and everyone who works with them or otherwise supports them – to read, share and act on these updates.

            Current risks

            • So far this year Action Fraud has received 1,555 reports of cyber fraud from SMEs. Current threats include malware, supply chain attacks, ransomware, insiders, phishing emails and business compromise emails.
            • Businesses providing ‘other service activities’ and the construction sector have reported the most cyber frauds to the police. Hacking (social media and email) is by far the most common crime, accounting for 60% of all reports.
            • Smaller businesses are most at risk. Possible explanations include a lack of cyber security and/or staff awareness, availability of data to steal and connections to larger businesses.
            • Ransomware attacks continue to rise. Ransomware-as-a-Service (where criminals lease out their malware to others) is also increasing. SMEs are most likely to report. Some victims have had their data published online or been threatened with this. Official advice is to not pay ransom demands to avoid repeat victimisation and because there is no guarantee that criminals will return or decrypt stolen data.
            • Reports from business to law enforcement are dropping nationally and globally (for reasons not yet understood). Businesses are encouraged to report fraud to Action Fraud and phishing to the Suspicious Email Reporting Service to help warn and protect other businesses.

            Coming up…

            • The West Midlands Police and Crime Commissioner will be publishing new research on taking a public health approach to fraud prevention.
            • The Chartered Institute of Internal Auditors (UK and Ireland) will be publishing a fraud research report at the end of June called ‘fraud is on the rise: step up to the challenge’.
            • The NCSC is running the following free cyber sessions: cyber aware (13 June), cyber aware for small organisations (16 June), and cyber essentials (22 June).

            Takeaways for business

            1. Make staff aware of the cyber threats to your business (including how to spot spoof emails).
            2. Use two-factor authentication for fund transfers and account access.
            3. Always independently verify requests to change bank details.
            4. Regularly back-up your servers, files and data. Also keep operating systems up to date.
            5. Have a password policy that includes changing default passwords, switching on password protection and avoiding predictable password combinations. For passwords think ‘three random words’.
            6. Sign up to the National Cyber Security Centre’s subscription service to receive real-time alerts, threat reports and advisories direct to your inbox. Also consider signing up to its free early warning service for notifications about potential cyber-attacks on your network.

            Download the PDF

            Business Fraud Watch Update Jun 22
            Download PDF »
            Share
            0
            Fraud Advisory Panel
            Fraud Advisory Panel

            Related posts

            what is fraud
            May 30, 2023

            What Is Fraud? — A Simple Question with Serious Consequences

            Read more
            May 24, 2023

            Fraud update 9: current risks

            Read more
            Business Fraud Network
            April 12, 2023

            Fraud update 8: current risks

            Read more

            Comments are closed.

            • Contact Us
            • Terms & Conditions
            • Accessibility

            Subscribe to our Newsletter

            Keep up to date with Fraud Advisory Panel’s latest news and updates, including our latest events, publications and press releases.
            Name
            Fraud Advisory Panel is a registered charity in England and Wales (1108863) and a company limited by guarantee, registered company in England and Wales (04327390). Registered office: Chartered Accountants’ Hall, Moorgate Place, London EC2R 6EA

            © Fraud Advisory Panel and Crown Copyright 2025. All rights reserved.
            0

            £0.00

                      No results See all results
                      ✕

                      Login

                      Lost your password?