Types of Fraud and Cyber Security Threats to be Aware of
Both fraud and cybercrime have been on the rise since the start of the pandemic. According to the Office for National Statistics, fraud has increased by 20% since April 2020, whilst cybercrime has increased by a staggering 91% within the same timeframe. It is important to note that there is a wide spectrum of fraudsters committing these acts, ranging from individuals taking part in low value-high volume crime to high senior authority holders in organisations acting on behalf of their employer without their knowledge or consent.
There has also been an increase in dishonest claims in the government schemes that were put in place to help support businesses following the effects of COVID-19, specifically the local business grant and bounce back loans. There was an increase of individuals claiming these loans, but many were receiving the funds into personal accounts, unrelated to business, or had recently set up a business account for the loan to be received. As soon as these individuals had received the funds, the money was quickly exported either through cash withdrawals or transfers to a third-party account.
Fraud has not just increased within the United Kingdom; this is a global issue. Thomas Tran, a Forensic and Financial Crime subject matter expert for PwC Vietnam explained in their latest Global Economic Crime and Fraud survey, there had been a 46% increase in individuals who had experienced fraud within the last year. It was also found that there has been a shift from internal to external perpetrators of fraud, along with increased bribery and corruption by local management. As seen in the UK, there has also been an increase in cyber threats along with phishing attempts on personal data and an increase of charity scams where it was unclear if the charity were acting in the interest that they claimed to be.
The rise in cybercrime has a causal link with the restrictions following on from the pandemic. Due to these restrictions, many organised crime networks experienced a drop in their usual forms of income and shifted their attention to a crime that was suited to the online world we were living in. Due to the lesser risk and ease of this type of crime, it is believed now that this shift will be permanent for many organisations. For insights and support in managing cyber risks visit our resource centre. Access to some resources is for subscribers & members only. Why don’t you become a member and gain access to world-leading information resources, guidance and local networks?
Main steps to protect your organisation against fraud
Education of the workforce is key to reducing the amount of successful fraudulent attacks. PWC’s survey also confirmed that 43% of fraudulent reports were through whistleblowing from members of staff to their colleagues. As the pandemic has caused most businesses to shift to remote working, it is essential that secure systems are in place to reduce the risk of a successful attack. Given the changes and struggles brought on by the pandemic, it is important that all businesses are aware of their network around them to stay alert in case there are any drivers that may push people into desperate times resulting in fraudulent activity.
It is extremely important that organisations realise the type of fraud they are susceptible to as the majority will experience high volume-low value fraud which is extremely hard to detect but very costly. Taher Choudhury who works at the National Crime Agency has urged all businesses and individuals to always report suspicious activity to them. All records are kept for six years and will be checked regularly against other matches, often helping provide further evidence and strengthen cases.
Jim Gee, Partner and Head of Forensics and Counter Fraud at Crowe UK suggests a 7-step process for businesses to prepare and combat these issues:
- Change the balance of human behaviour by communicating and mobilising your honest workforce.
- Shrink the dishonest minority by changing the behaviours of the peer group.
- Prevention by design. Check for where your company’s weaknesses to fraud may be sitting.
- Complete an investigation into your systems.
- Detect any trends via data science.
- Should you be subject to a successful fraud attack, pursue sanctions via the civil law.
- Consider your rights of recovery through various orders.
Recovery of costs from fraud or cyberattacks during the pandemic
There are various options for recovery of costs, however these differ between locations. In Southeast Asia, for example, it is often difficult to be successful in asset recovery from the guilty individual as the regulations are not currently in place. However, there is a process in place to allow for recovery against the individuals family members should assets have been passed across to them, as it is more than likely that the asset will remain within the family. Within the United Kingdom it is a simple process to trace any assets back to someone and the Civil Law is in place to assist with indemnity between individuals. Various orders are available to assist with recovery and contrary to popular belief, if the value of fraud is not miniscule, the recovery options are cost efficient however each case should be dealt with on its own merits.
At ICAEW we advise all our members and authorised training employers to stop and take caution when dealing with external parties. Care should be taken when considering the validity of requests, always reflect on what they are asking for and if needs be, challenge them.