alexskopje - stock.adobe.com
Cyber fraud costs SMEs more than £1,000 per case
Just over half of IT and telecoms SMEs are targeted by fraudsters, with each case of cyber fraud costing more than £1,000, study reveals
Barclays Bank is stepping up a nationwide initiative to help small and medium-sized enterprises (SMEs) tackle fraud and cyber crime in the light of research that shows 51% of IT and telecoms SMEs are targeted by fraudsters, with 29% of attempts being successful.
The research also shows that fraud has cost small IT and telecoms businesses more than £1,000 per fraud and that online fraud has resulted in the loss of more than 50,000 UK jobs to date because targeted SMEs had to make redundancies to recover costs.
The job loss estimate is based on the statistic that there are 5,687,000 SMEs in the UK, that 10.6% of the more than 1,000 SMEs polled reported that they had been victims of cyber fraud, and 8.58% of these had made staff redundant to cover the cost of cyber crime.
The findings were unveiled at a cyber skills masterclass for Barclays Business Banking clients, hosted by former England international footballer and business owner Sol Campbell.
According to Barclays, there has been a rise in sophisticated fraud with criminals targeting SMEs. This includes social engineering attacks such as emails or phone calls impersonating people such as suppliers, staff members or even the CEO, tricking victims into giving out information or making payments.
With two-thirds (66%) of IT and telecoms small businesses currently offering their staff no cyber security training, there is a worrying gap in awareness and skills, the survey report notes.
Barclays said it had stepped up its efforts to educate customers, including SMEs, about the growing risks of fraud and cyber crime, investing more than £18m in the past 24 months in its national Digisafe campaign, which has already engaged five million people.
The bank also claimed to have prevented more than £857m of potential fraud and scams in the past year.
In 2017, Barclays hosted webinars attended by almost 7,000 SMEs to help keep them safe, and aims to raise that figure to 30,000 in 2018. It also hosts workshop events across the country.
Read more about fraud
- Identity fraud continued to rise in 2017, hitting an all-time high of 174,523 cases.
- UK identity fraud reaches record levels.
- UK plans laws to protect company directors from ID theft.
- Cifas calls on UK government to help tackle fraud.
- Banking malware, DDoS, ransomware and CEO fraud top UK cyber threats.
Sol Campbell said: “With a rise in online crime, it’s more important than ever that businesses keep an eye on the ball when it comes to cyber security.
“In business, as in football, you have to be strong, versatile and flexible – and as a defender, you need to trust your natural instincts. If an email or call sounds fake, check it.
“Playing as a team and training are vital in business as well as sport. Managers should invest time in letting staff know about the dangers of scams.
“As an owner of a small business that has fallen foul of cyber criminals, I’m particularly keen to raise awareness and show fraudsters the red card.”
Sol Campbell, former England international footballer and business owner
Ian Rand, CEO of Barclays Business Banking, said: “We’re on a mission to educate all small businesses of the growing risk of cyber crime and fraud.
“The staggering cost of these crimes can stop a small business from investing in new jobs, training or equipment, in turn boosting local economies.
“Fraudsters are targeting hard-working entrepreneurs, in some cases impersonating suppliers and staff, intercepting emails and sending fake invoices.
“However, the good news is that the vast majority of fraud against businesses can be easily prevented. Simple steps to increase security, such as having strong passwords and increased staff awareness, can all help combat fraud.”
Tips to help SMEs reduce fraud
1. Strong defence: The best way to keep attackers out is a strong password. It is much harder for fraudsters if you use lower and upper case letters, along with numbers and symbols.
2. Build a wall: Protect your computers with antivirus software, as well as a good firewall, and keep software updated regularly. Delete unsolicited emails with links and attachments as these could allow fraudsters to infect your device.
3. Call offside: If something feels wrong speak up and check it. Do not assume a call, text, email or invoice is genuine, fraudsters can sound convincing. Always check requests using known contact details and never move funds to a ‘safe account’, even if the request appears to have come from your bank or CEO.
4. Pay by the rules: Have a clear procedure for making payments in your firm. Always check email requests to make payments or to change payment instructions by calling a trusted number, not by return email. Unexpected calls, particularly from fraudsters claiming to be from telecoms providers and retailers are on the rise, so make sure you stay alert.
5. Team talk: Every team is only as strong as its weakest link. Boost tactical knowledge and share guidance with your team. Find out more on Barclays Bank’s fraud awareness site.
Read more about SME security
SMEs failing to address cyber threats, despite the risks.
The UK government has announced initiatives aimed at boosting SME cyber security, promoting the cyber security profession and supporting cyber security innovation projects.
Small and medium-sized enterprises typically face the same threats as bigger organisations, but lack the same level of expertise and other security resources.
The London Digital Security Centre has been set up by the Mayor’s Office for Policing and Crime as part of the mayor’s business crime strategy.