Two in three UK corporate leaders fear fraudsters targeting their staff.
- Survey by Cifas highlights concerns about insider threats in UK businesses.
- Hybrid and remote working environments make companies vulnerable to fraud attempts.
- Employees are often the primary targets for phishing and social engineering tactics.
- Businesses are urged to strengthen internal controls and fraud prevention measures.
According to recent research conducted by the UK’s prominent fraud prevention service, Cifas, a significant portion of decision-makers in large UK enterprises express anxiety over potential fraud targeting their employees. The study indicates that 63% of these leaders are worried about their employees being targeted by fraudsters, while half fear the emergence of insider threats. Notably, this concern intensifies as organisations gear up for International Fraud Awareness Week from 17th to 23rd November.
The survey underscores the belief that employees are attractive targets for criminals because of their direct access to sensitive company information. Fraudsters employ various tactics, such as phishing emails and fake documents, to trick employees into taking actions like downloading malicious software or expediting unauthorised payments. Some fraudsters have been reported to approach employees directly, offering financial incentives for company information that may be exploited against the organisation or sold on the dark web.
The rise of hybrid and remote working models has further complicated the task of reducing insider threat risks. Organisations are finding it increasingly challenging to mitigate the risks posed by employees who might misuse their positions. Rachel Tiffen, Director of Learning at Cifas, emphasised that companies should fortify their procedures to keep security intact and safeguard both staff and clientele. She advocated for the development of counter-fraud competencies and fostering an organisational culture that is vigilant against fraud to effectively protect against the internal and external fraud threats.
To combat these challenges, companies are advised to implement comprehensive fraud prevention measures. Performing regular fraud risk assessments can help identify and address vulnerabilities promptly. Having a strong code of conduct along with policies covering device and data security is essential. Technology investments that enhance security controls, such as multi-factor authentication and facial recognition, are recommended to bolster defence mechanisms against fraud. Consistent vetting processes through the employee’s lifecycle and regular screening—irrespective of their job role—can further mitigate risks.
Ongoing training is vital for employees to boost their counter-fraud skills and improve their ability to detect and report suspicious behaviour. Creating confidential avenues for reporting concerns, like a whistleblowing service, can empower employees to share their worries without fear of repercussion. Additionally, observing any significant behavioural changes in staff, which might include lifestyle shifts or resistance to compliance, can signal potential issues. Prioritising employee welfare by offering support can play a crucial role in preventing dishonest actions.
Strengthening internal controls and promoting an anti-fraud culture can help UK businesses safeguard against evolving fraud threats.
