This website uses cookies to enhance your experience and to help us improve the site. By using our website you consent to cookies being placed on your device, unless you change your settings to disable them.

Please see our Cookies Policy for further information about cookies and how to disable them.


Charity fraud

We’re trying to cure cancer, why would anyone attack us?


You heard on the news this morning about another big cyber crime attack. Everyone has been advised to change their passwords and update their software.

But no worries, because charities don’t get targeted by criminals, do they? After all, you do such good work. And besides, you have a million and one things on your ‘To Do’ list today, and there is no way you have the time to make all the changes that have been suggested.

Well, I’m afraid to say that charities are absolutely not immune to cyber crime – quite the opposite in fact. Charities and voluntary organisations of all sizes are falling victim to a range of attacks (in exactly the same way as businesses and the public are), and the consequences can be devastating.

Furthermore, charities have additional vulnerabilities to certain types of cyber crime due to the trusting nature of the sector. For example, charity staff may be more susceptible to being socially engineered into clicking on ‘dodgy’ links within an email, which can then infect the computer with a virus.

Regardless of the size and nature of your charity or voluntary organisation, you will hold information that is of value to a criminal. Also, you will all hold funds – however small – and any loss of money could be very damaging. Not only will it affect your ability to deliver your work, but it may also affect your funders’ trust in your ability to manage their money and their details securely.

Many charities also hold sensitive information about their beneficiaries that could be useful to someone with malicious intent, such as the ex-partner of a domestic violence victim who’s trying to track them down. Or just imagine coming into the office one day, switching on your computer and there’s a message saying you can’t access any of your systems until you pay a ransom. If this lockout continued for days (or even weeks), could your charity survive?

This may all sound quite alarming, but there’s no need to be panic. The National Cyber Security Centre has created a Cyber Security: Small Charity Guide, which contains simple and free (or low cost) steps that will help protect your organisation from the most common types of cyber crime. The advice contains 5 areas for charities and voluntary organisations of any size to focus on; and best of all they’re quick to implement, so it won’t eat into your precious time.

We really hope you find this guide easy to use and would welcome any feedback to help us continue to ensure we are providing you with actionable advice.

To download the guide please visit


Kate S

Head of Charity and Public Engagement, National Cyber Security Centre

Back to blog