Cyber criminals widen the net to target tradespeople
Almost 60% of traders have suffered a cyber attack, research shows


Tradespeople are being warned to take the potential of cyber attacks more seriously after new research showed almost two-thirds had fallen victim to at least one successful attempt in the past.
Commercial insurer NFU Mutual surveyed 500 tradespeople in the UK at the beginning of January 2025. Of the 61% who said they had been a victim of cyber crime in the past, 12% had customer information stolen.
The most common form of successful attack was phishing, with 20% of respondents having fallen for this type of scam. This was followed by 14% who said they had found malware or viruses installed on their computers.
Despite all this, and with 13% of respondents saying they had been targeted in the past 12 months, nearly a quarter (22%) said they were either not very concerned or not concerned at all about cyber crime in their industry. By contrast, only 25% said they were very concerned.
In response, NFU Mutual has urged trades people to reconsider their attitude to this threat.
“Tradespeople are often sole traders or small businesses so may not have the technology or protection in place against these types of attacks and that makes them a prime target,” said Nick Baker, the insurer’s cyber specialist.
"Using digital devices for payments, customer information or supplier details can all be vulnerable, so it is essential to take action against cyber risk, ensuring adequate insurance cover is in place and taking some simple, but effective, steps to try and mitigate this."
Get the ITPro daily newsletter
Sign up today and you will receive a free copy of our Future Focus 2025 report - the leading guidance on AI, cybersecurity and other IT challenges as per 700+ senior executives
The company also highlighted the vulnerability of internet-connected devices such as CCTV and lighting, which can be used to access the corporate network or be recruited into a botnet if not properly secured.
NFU Mutual recommended that tradespeople implement some simple steps to secure their data and devices, including implementing two-factor authentication (2FA), using a firewall, strong passwords, and changing factory set passwords on hardware like routers or IoT devices.
It also recommended creating a business continuity plan (BCP), which should lay out the necessary steps to be taken in the event of a cyber incident, as well as a list of contact details for important people needed in a recovery effort. These could include IT contractors or vendors, insurers, and legal representatives.
Phishing on the rise
It’s not just tradespeople who are concerned about phishing. Research carried out for ITPro’s Future Focus 2025 report found that IT decision makers in large enterprises also consider phishing to be the main threat to their business – overtaking ransomware as their biggest area of concern. Research from analysts Gartner in May 2024 identified the emerging field of AI-enhanced phishing attacks as a new front and major area of concern for large businesses.
Smaller organizations and sole traders can also take a lesson from the recent experience of security expert Troy Hunt, whose email database was stolen in a phishing attack. Hunt was distracted and tired – a feeling probably familiar to many – and fell for a simple scam that seemed at first to be a legitimate customer service contact from his email provider.
Commenting on the attack against Hunt, Aditi Gupta, principal security consultant at Black Duck, said: “This recent phishing attack further highlights that, in the end, we are all humans, and sophisticated phishing attacks could get the best of us."
MORE FROM ITPRO
- 96% of SMBs are missing critical cybersecurity skills
- Malware-free attacks surged in 2024 as attackers drop malicious software for legitimate tools
- Fake file converter tools are on the rise – here’s what you need to know

Jane McCallion is Managing Editor of ITPro and ChannelPro, specializing in data centers, enterprise IT infrastructure, and cybersecurity. Before becoming Managing Editor, she held the role of Deputy Editor and, prior to that, Features Editor, managing a pool of freelance and internal writers, while continuing to specialize in enterprise IT infrastructure, and business strategy.
Prior to joining ITPro, Jane was a freelance business journalist writing as both Jane McCallion and Jane Bordenave for titles such as European CEO, World Finance, and Business Excellence Magazine.
-
Why are many men in tech blind to the gender divide?
In-depth From bias to better recognition, male allies in tech must challenge the status quo to advance gender equality
By Keri Allan
-
BenQ PD3226G monitor review
Reviews This 32-inch monitor aims to provide the best of all possible worlds – 4K resolution, 144Hz refresh rate and pro-class color accuracy – and it mostly succeeds
By Sasha Muller
-
Threat hunting for MSPs
Whitepaper Are you ready to take your Managed Security Service to the next level?
By ITPro
-
29% of UK SMBs cancelled cyber insurance policies in 2021
News Even if SMBs are becoming more concerned about cyber attacks, they’re unlikely to be willing to pay even higher premiums to protect themselves
By Zach Marzouk
-
Symantec flags up SMB security threats
News Security vendors warns SMBs to be on their guard against hackers using them as a way in to larger firms.
By Alexandra Velasco
-
ICO advises SMBs on avoiding data breaches
News Data protection watchdog publishes guidance to prevent small firms falling foul of the law.
By Cassie Daum
-
DDoS attackers set their sights on SMBs
News Network security vendor claims easy access to DDoS tools is putting more firms at risk.
By Caroline Donnelly
-
Q&A: Graham Palmer, Intel UK MD
In-depth We spoke to the UK managing director of chip giant Intel to get his thoughts on the company's recent Small Business Index research and industry at large changes during the past year.
By Maggie Holland
-
SMEs stuck in technology dark ages
News Research carried out by Intel suggests smaller businesses are placing themselves at a disadvantage by failing to embrace new technologies.
By Maggie Holland
-
Cisco NSS2000 review
Reviews The NSS family signals Cisco’s moves into the SMB network storage market. In this review we find out whether the NSS2000 has what it takes to stand up to the established names.
By Dave Mitchell