- Security TWENTY
- Women in Security
Some £10.9 billion was lost to the UK economy as a result of fraud, including cybercrime, in 2015/16, according to Get Safe Online and the National Fraud Intelligence Bureau (NFIB). That equates to about £210 per person over the age of 16 living in the UK, but represents only reported fraud and cybercrime to Action Fraud.
A survey commissioned to mark Get Safe Online Day (October 18) suggests that this number is likely to be much greater, with respondents who had been a victim of online crime alone losing an average of £523 each – this being more than the average weekly earnings figure for the UK, which stands at £505. Near four in ten, 39pc of people who said they’d been victims of online crime said they hadn’t reported the incident – this meaning that the overall amount of money lost by the UK could in fact be even more.
In addition, a quarter of (25pc) the UK public said that they had a limited understanding of the risks they face when going online, but nine in 10 (89pc) said they were somewhat or very concerned about their online safety and security. 89pc also felt online crime was as damaging or more damaging than physical crime.
The research found a gap in people’s understanding of what constitutes an online crime – most, 86pc said they had not been targeted by cyber-criminals in the past 12 months. But, 68pc of people in the UK have been targeted in a variety of ways:
– 53pc received fraudulent emails or messages which have attempted to direct them to websites where their personal information could have been stolen, including bank details, user names and passwords
– Over a quarter (28pc) reported being contacted by someone who was trying to trick them into giving away personal information
– 10pc had their email or social media accounts hacked; and
– 3pc had been victims of ransomware, a fast-growing means of online extortion ·
Of those who said they had been a victim of cybercrime, over a third (38pc) said they felt that the matter was too trivial to report. Worryingly, over a third of people (37pc) also said that they felt there was nothing that could be done. But, many Britons are still not taking the basic steps to keep themselves safe online with as many as 43 per cent saying that they use the same password for multiple online accounts. In fact, even when a company warns people to change their password after a breach – three in 10 have been contacted to do so – 12pc said they did not follow the advice. The survey found that people use an average nine passwords across devices and accounts.
The research also showed that respondents only update their security software every eight a half months and two in ten (19pc) do not update their device operating systems at all. When it comes to taking care of personal information, nearly a quarter (23pc) said they never update their privacy settings on social media, with 58pc saying they did not know how to. Also, near three in ten (29pc) don’t back up their documents and photographs at all.
Tony Neate, Chief Executive of Get Safe Online, said: “The fact that the UK is losing nearly £11 billion to cyber criminals is frightening and highlights the need for each and every one of us to make sure we are taking our online safety seriously. It is clear from our survey that people are very concerned, and rightly so.
“The fact that over a third of people felt there was nothing that could have been done to stop them becoming a victim is alarming indeed – particularly when it’s so easy to protect yourself online. Also, as our research shows, people are losing large sums of money on average – £523 being the equivalent of a holiday abroad or the price of a new piece of technology in the home. As a result, it seems there is still a big education job to do. Let’s not let cyber criminals get away with it anymore by ensuring that each and every one of us is updating the operating systems of our various devices and ensuring security software is always updated. What’s more we all need to ensure that we have a different password for each online account we own and website we visit. Online safety needs to be part of our everyday routines.”
And the City of London Police’s Commander Chris Greany, the Police National Coordinator for Economic Crime, said: “The huge financial loss to cybercrime hides the often harrowing human stories that destroy lives and blights every community in the UK. All of us need to ask ourselves are we doing everything we can to protect ourselves from online criminals. Unfortunately, people still click on links in unsolicited emails and fail to update their security software. Just as you wouldn’t leave your door unlocked, so you shouldn’t leave yourself unprotected online.”
Matthew Gardiner, Senior Product Marketing Manager at Mimecast, said: “Email continues to be one of the key routes for cyber criminals to gain access to valuable data, be it business-related intellectual property or other sensitive data, or personal information on employees and customers. Considering the outstanding rise in cyber-threat over the past few years, and taking into account that the perpetrators are becoming increasingly creative in their attacks, it’s critical that organizations proactively face this issue. Expert attention is required to safeguard email – this is a matter of both risk management and personal privacy. It’s important to recognise that a “castle and moat” approach to cybersecurity is no longer viable. As attack strategies and tactics evolve, an organisation must focus on four critical areas to ensure complete cyber resiliency: people, processes, technology and users, brought into focus and with priority aided with appropriate leadership.”
And Robert Capps, VP of business development at NuData Security said “We’re saddened, but not shocked, to see these findings. In this study, the fact that online fraud costs the UK £10.9bn a year is a sad state of affairs for consumers who can often bear the brunt of the costs (especially with regard to account takeover and new account fraud). It’s absolutely no wonder that consumers are pushing back on companies to improve security, holding them accountable for it, yet still wanting to have a good experience going through the gates. Financial fraud offers a lucrative source of income for cybercriminals, totaling £755 million in 2015 in the UK alone. Cybercriminals have grown in their sophistication, exploiting the human interest factor by posing as banks or suppliers and then duping consumers into revealing their personal details. These scams have also proved effective in targeting commercial organisations, as senior executives are tricked into revealing sensitive information which enables access to a company network.
“The increasing volume of attacks globally can also be attributed to more fraudsters willing to commit the crime, more data available on the black market, and more financial institutions and merchants that are vulnerable to attacks. Plus, as more countries fully adopt EMV, we’ll see fraud continue its migratory path to all available online channels. We have to remember; fraudsters know us better than we do in that they’ve pegged our vulnerabilities. It’s time we returned the favour. They are vulnerable because they must do very similar behaviours to be successful, and guess what? We can find them by their tell-tale signals. To detect out of character and potentially fraudulent transactions before they can create a financial nightmare for consumers, we must adopt new authentication methods that they can’t deceive. Solutions based on consumer behaviour and interactional signals are leading the way to providing more safety for consumers, and less fraud in the marketplace.
“To combat these types of attacks, consumers should always report emails to their banking provider. No legitimate organisation will ask for security or banking details so consumers need to be suspicious of any email that requests this information.”