Cyber crime surges as victims lost £35 million in six months

fraud

Victims of cyber fraud lost 34.6 million between April and September last year, a significant rise against the previous six-month period, according to the latest statistics.

Hacking of social media and email accounts were the main reason that people reported instances of cyber crime during the six-month duration, with these victims losing a total of 14.8 million.

Based on 13,357 reports, the organisation Action Fraud, led by the nationwide fraud-centric City of London Police force, revealed the total loss monetary loss represented a 24% increase on the previous six months.

"In particular criminals are targeting social media users and online account holders in a bid to make money and steal personal details," said City of London Police commander Karen Baxter. "This leaves victims out of pocket and at risk of identity theft."

"To avoid falling victim, it's important that people keep a strong, separate password for their email accounts. They should also use the latest software and app updates.

"Always be suspicious of unsolicited requests for your personal or financial information and never call numbers or follow links provided in unsolicited texts or emails; contact the company directly using a verified and trusted email or phone number."

The figures, however, may only be representative given they are based on cases where the fraud was reported to the authorities and could mask the true scale of crime that businesses across the UK face.

A report from Finance UK, the trade body for the finance sector, released in September showed the value stolen by online fraudsters exceeded 500 million in the first half of 2018. The figures showed that while the amount stolen year-on-year was down by 2%, the number of victims rose by 10%.

Mimecast's product manager Hiwot Mendahun said organisations must be focusing on prevention as much as mitigation, in light of Action Fraud's figures.

"With email at the forefront of crime, it's right that the advice centres on good email security, but multiple strong passwords and the use of DMARC (domain-based message authentication, reporting and conformance) is not the silver bullet to lock criminals out," she said.

"Strong passwords are no substitute for MFA (multi-factor authentication), and DMARC is only helpful when attackers directly spoof the email domains of trusted and relevant organisations.

"Businesses need to cultivate a culture of cybersecurity across their organisations, so any protective systems or processes in place are supported by targeted user awareness and engagement. Blindly following guidelines without adequately considering the fluctuating nature of risk will only make individuals and businesses think they are secure when they aren't."

Among the most prevalent forms of cyber attack faced by organisations are banking Trojans and ransomware, which saw an 84% and 88% increase respectively last year, according to a Malwarebytes report.

Ransomware attacks particularly are one such form of cyber crime that organisations may, in some cases, be more likely to be reluctant to report, rather opting to pay the ransom that's demanded and move on.

Keumars Afifi-Sabet
Contributor

Keumars Afifi-Sabet is a writer and editor that specialises in public sector, cyber security, and cloud computing. He first joined ITPro as a staff writer in April 2018 and eventually became its Features Editor. Although a regular contributor to other tech sites in the past, these days you will find Keumars on LiveScience, where he runs its Technology section.