Large UK businesses are most concerned about cyber-attacks, potentially leaving them open to other types of fraud including insider and supplier fraud, according to research by fraud prevention service Cifas.

In a survey of 2,000 decision-makers responsible for training staff within large UK corporates, 71% said their chief concern was their businesses being cyber-attacked. However, Cifas points out that such incidents are not the only source of fraud losses for businesses. In the first six months of 2022, the organisation saw a 20% increase in companies being impersonated by fraudsters, as well as a 56% increase in companies falling victim to account takeover with criminals using a wide variety of methods to achieve this.

Less than half of those surveyed (47%) were concerned about employees being targeted by fraudsters, with almost the same number (45%) concerned about staff committing fraud against the business, despite 86% continuing to have staff working from home at least some of the time.

Fraud carried out by staff against their employer is on the rise, with cases filed to the Cifas internal fraud database up by nearly half compared to the previous year. The majority of these cases relate to individuals working in contact centres who have been targeted by criminals in order to gain access to accounts and processes. The figures also show a rise in ‘fraud as a service’, where fraudsters provide their services ‘on demand’ – with many advertising on social media and messaging platforms. Only 37% of those surveyed were concerned about supplier fraud.

Rachael Tiffen, director of learning at Cifas, said: “We know that there’s an appetite for fraud training and most businesses recognise its position as a core part of their training budget. However, there is a risk of relying on a one-size-fits-all fraud prevention approach. This can create real financial vulnerabilities for businesses already navigating a tough trading environment. A narrow view of the fraud threat landscape can lead to a false sense of security, making the impact of a successful fraud attempt even more devastating for the business.”

She added that widescale changes to working arrangements – with hybrid working becoming a permanent feature for many organisations – are a key reason to reassess fraud prevention measures. “Traditional fraud prevention training was developed mainly for in-office working, and as hybrid working continues to be the norm, so should businesses change their approach to fraud prevention, making sure the risks to their business of disruption and losses from fraud are minimised, no matter where work takes place.”

“As fraud continues to increase, a tailored fraud-prevention approach, informed by the latest threats per business sector will be crucial in maintaining the financial health of businesses in the UK.”

Share Story: