Businesses exposed by narrow approach to fraud prevention

Large UK businesses are most concerned about cyber-attacks, potentially leaving them open to other types of fraud including insider and supplier fraud, according to research by fraud prevention service Cifas.

In a survey of 2,000 decision-makers responsible for training staff within large UK corporates, 71% said their chief concern was their businesses being cyber-attacked. However, Cifas points out that such incidents are not the only source of fraud losses for businesses. In the first six months of 2022, the organisation saw a 20% increase in companies being impersonated by fraudsters, as well as a 56% increase in companies falling victim to account takeover with criminals using a wide variety of methods to achieve this.

Less than half of those surveyed (47%) were concerned about employees being targeted by fraudsters, with almost the same number (45%) concerned about staff committing fraud against the business, despite 86% continuing to have staff working from home at least some of the time.

Fraud carried out by staff against their employer is on the rise, with cases filed to the Cifas internal fraud database up by nearly half compared to the previous year. The majority of these cases relate to individuals working in contact centres who have been targeted by criminals in order to gain access to accounts and processes. The figures also show a rise in ‘fraud as a service’, where fraudsters provide their services ‘on demand’ – with many advertising on social media and messaging platforms. Only 37% of those surveyed were concerned about supplier fraud.

Rachael Tiffen, director of learning at Cifas, said: “We know that there’s an appetite for fraud training and most businesses recognise its position as a core part of their training budget. However, there is a risk of relying on a one-size-fits-all fraud prevention approach. This can create real financial vulnerabilities for businesses already navigating a tough trading environment. A narrow view of the fraud threat landscape can lead to a false sense of security, making the impact of a successful fraud attempt even more devastating for the business.”

She added that widescale changes to working arrangements – with hybrid working becoming a permanent feature for many organisations – are a key reason to reassess fraud prevention measures. “Traditional fraud prevention training was developed mainly for in-office working, and as hybrid working continues to be the norm, so should businesses change their approach to fraud prevention, making sure the risks to their business of disruption and losses from fraud are minimised, no matter where work takes place.”

“As fraud continues to increase, a tailored fraud-prevention approach, informed by the latest threats per business sector will be crucial in maintaining the financial health of businesses in the UK.”

    Share Story:


Cyber risk in the transportation industry
The connected nature of the transport and logistics industries makes them an attractive target for hackers, with potentially disruptive and costly consequences. Between June 2020 and June 2021, the transportation industry saw an 186% increase in weekly ransomware attacks. At the same time, regulations and cyber security standards are lacking – creating weak postures across the board. This podcast explores the key risks. Published April 2022.

Political risk: A fresh perspective
CIR’s editor, Deborah Ritchie speaks with head of PCS at Verisk, Tom Johansmeyer about the confluence of political, nat cat and pandemic risks in a world that is becoming an increasingly risky place in which to do business. Published February 2022.