The Internet offers many advantages. However, with online crime totalling $8tn globally, the system seems broken
In the UK, fraud is the most experienced crime, accounting for 40% of all crimes. Shockingly, 80% of reported fraud is enabled through online means, with many cyber-enabled frauds remaining unreported. The true number of such incidents is much higher. In response, the UK Government released a strategy in 2023 with the aim of reducing fraud by 10%. Given the vast number of cyber-enabled frauds in the UK, significant changes in the approach to cyber security are necessary to achieve this goal.
Fraudulent phishing attempts can be hard to spot. Clicking a deceitful link or paying an invoice sent by a criminal posing as the genuine sender is considered fraud and can lead to severe cyber consequences.
There are two categories of Internet crime: high-volume, highly sophisticated ransomware (cyber crime) and high- volume, low-value, low-sophistication crime (fraud). However, the initial prevention techniques for both are simple and effective. In fact, studies have shown that 80% of cyber crime (and fraud) can be prevented with good cyber hygiene.
How can Sapphire help combat cyber-enabled fraud?
Sapphire is a UK-owned and operated cyber security company. We believe that threat intelligence on fraud and cyber crime that we discover should be reported to the authorities to help close down criminal infrastructure.
We have access to a wide range of threat intelligence sources, including high-end sophisticated sources used in cyber attacks, as well as data on over 20 million fraud and cyber domains. By blocking these and practising good cyber hygiene, an organisation can be up to 80% safer against high-volume, low-sophistication fraud attacks.
Our service now includes brand takedown. We will search the Internet for ‘impersonation’ domains of your brand, provide a detailed report of findings, and, if necessary, initiate a takedown process.
Organisations face cyber security challenges such as understaffed 24×7 Security Operations Centres (SOC), inability to use threat intelligence feeds, and inefficient awareness training. Sapphire provides managed services run by cyber security experts, enabling organisations to focus on their services while ensuring safety. Sapphire also guides organisations to achieve Cyber Essentials accreditation, the first step towards achieving cyber maturity.
Cyber security awareness
Security awareness is crucial in protecting against fraud and cyber attacks. However, it’s essential to conduct it in an engaging manner that doesn’t involve annual mandatory training. Sapphire provides microlearning through a platform that tests users with benign phishing emails. Additionally, we offer engaging audience sessions for colleagues or suppliers as part of our VCISO service. These sessions bring the subject to life and give people something to discuss when they get home.
The UK intelligence community is taking steps to identify and disrupt fraudsters both within the UK and overseas. As part of the UK Government’s fraud strategy, a national fraud squad has been created with 400 investigators and global partnerships, recognising that most fraud targeting the UK comes from outside the country. To track down and disrupt these fraudsters, it is vital that the cyber community comes together and shares threat intelligence with the authorities. Sapphire is proud to work closely with the NCSC and actively shares our threat intelligence to help build a better understanding of the threat landscape in the UK. Our philosophy is that if we gain intelligence on criminal activity, we always share it with the authorities.
In the cyber security industry, it is easy to assume that all businesses prioritise cyber security. However, the UK Government’s 2024 cyber breach report indicates that not all businesses are able to conform to the ten steps to cyber security, especially in the SME sector. Shockingly, only 28% of small businesses provide cyber security staff awareness, making them an easy target for fraudsters. This is why the UK is currently considered a lucrative target for cyber criminals.
Compliance standards are implemented within the public sector to achieve minimum cyber security standards. However, as stated in the Government’s cyber security strategy for 2022-2030, there is a disparity in the level of maturity, capability, investment and security understanding across different Government organisations.
Government action against cyber-enabled fraud
The public sector faces challenges in responding quickly to the evolving threat landscape that criminals can exploit. The Government is an appealing target for a wide range of malicious actors, with the public sector accounting for around 40% of the 777 incidents managed by NCSC between September 2020 and August 2021. This trend is expected to continue to rise.
Cyber-enabled fraud is a major issue in the UK, and it affects not only businesses and the public sector but also private individuals. Fraud targeting individuals can lead to financial losses and even to mental health issues, with 300 calls to Action Fraud each year from people at risk of suicide due to fraud. Sapphire offers services to help organisations of all sizes defend against cyber-enabled fraud, recognising that prevention is the best defence against it.
It’s pleasing to see the Government strengthening regulations around cold calling and adding legislation such as the Online Safety Bill. This should enable users to be better protected from fraudulent adverts and scams online.
If you have ever been a victim of fraud, it is crucial that you report it to organisations such as Action Fraud or the Police, even if there was no financial loss. Reporting such cases can help in gathering information which can be used to identify and track down the criminals involved.
