Money.co.uk have released their first Business Fraud report, which uncovers that in the past year the average losses for UK organisations to fraudsters was more than £2.1 billion.
The report analyses police figures on organisational fraud and cyber crime to reveal what types of crime targeting businesses and other organisations are on the rise in the UK, where it’s happening, and what kinds of organisation it’s affecting the most.
2022-23’s Quarterly organisational fraud and cybercrime figures
Q3 2022 saw the highest value of reported losses, accounting almost half (46%) of the losses of the previous 4 quarters put together – though in terms of the number of reported cases, the most recent quarter was the highest. In total organisations in the UK lost more than £2.1 billion over the previous 12 month period.
What were the most common cases of fraud and cyber crime in the UK last quarter (Q4 2022) vs this quarter (Q1 2023)?
# = number of crimes reported
£ = reported losses
Banking Fraud was the most common type of fraud, and represented the biggest value of losses for each of the last four quarters, accounting for over £833 million lost in total. Banking fraud covers both unauthorised access to bank accounts (e.g. via hacking) or authorised fraud (where a victim with access to an organisation’s accounts is tricked into paying money to a criminal).
In terms of total losses, the most recent quarter saw an 80% drop in value lost compared to the previous quarter for banking fraud.
James Andrews, money.co.uk business insurance expert says:
“Fraud and cyber crimes cost businesses more than £2.1 billion in the past year. This is a reminder for organisations to invest in business insurance.
“Commercial crime insurance specifically protects businesses against crimes including theft, identity fraud, malicious data damage and securities fraud. When choosing a policy, it’s important for business owners to make sure it covers not only crime by employees but also from third parties.
“If you are using a credit card for business spending, It’s important to note that business credit cards aren’t covered under Section 75 of the Consumer Credit Act (which allows individuals to claim a refund from their credit card provider if the selling merchant can’t be contacted or denies any wrongdoing).
“This is because they are registered to businesses rather than an individual.This makes it even more important to protect your business from theft with an insurance policy.”
What types of organisations are targeted by cyber crime?
Organisational fraud is most likely to affect limited companies – as you expect given they account for 96% of corporate body types. Notably the number of crimes affecting PLCs (publically limited companies – i.e. companies with publicly traded shares) dropped by approximately 75% compared to the previous quarter.
Where have crimes increased the most quarter to quarter?
Looking at mainland police forces in the UK, Durham saw the biggest rise in organisational crime since the last quarter – more than 52% (though it sees a relatively small number overall – only 32 in the most recent quarter. This was followed by Hampshire (48% – to 248 crimes) and South Wales (45% – to 106 crimes).
Overall, 22 of the 45 mainland forces saw a greater than 10% rise in the number of crimes.
At the other end of the scale, Northamptonshire saw a drop of 58%, followed by City of London (25%) and Cumbria (21%). Only 7 forces saw a drop of greater than 10%.
How to protect your business from fraud and cyber crime
James Andrews has provided the following tips to keep your business safe from fraudsters:
- “Make sure you invest in a comprehensive business commercial crime insurance policy which covers both inside and out of house crimes.
- Consider taking out cyber security insurance. The cost of an attack can be far higher than simply replacing laptops or repairing databases, and insurance can make sure your business is covered for more eventualities.
- Check you have up to date antivirus software on your business computer, work phones and tablets to help protect yourself from cyber attacks.
- Banks and other official bodies will never request details such as credit card numbers or other personal information over the phone or email, so if someone is doing this, be wary as they could well be trying to defraud you.
- Provide your business employees with mandatory security training to make sure they are aware of potential scams/fraud/cyber crimes such as phishing, and know how to deal with an attack.
- Finally, If you do find yourself in a position where you have unexpectedly lost money, it is important that your bank is made aware of this as soon as possible, as depending on the circumstances, they may be able to help find the culprit or return your money to you.”