KPMG: Online Fraud in 2016 Topped £120 Million

KPMG: Online Fraud in 2016 Topped £120 Million

Online fraud in the UK hit £124 million in 2016 with some scammers making up to £2m per week, according to new stats from KPMG.

The global services giant’s bi-annual Fraud Barometer claimed total fraudulent activity in the UK last year burst through the £1 billion barrier for the first time since 2011.

Cyber comprised just over 11% of that figure – jumping a massive 1266% from 2015 figures.

However, there were caveats.

First, the report is comprised only of cases which have reached court – meaning the stats are likely to represent just the tip of the iceberg when it comes to fraud. Indeed, cyber fraudsters are harder to track and prosecute, which could explain the relatively low percentage ascribed to this category.

Also, around 90% of the losses to online fraud described in the barometer were down to a single case of £113m – the largest fraud since 2008.

In this case, scammers cold-called their victims pretending to be bank anti-fraud staff. Once they obtained key security questions they were able to log-in to their victims’ accounts and siphon off funds.

During this time, the victims were apparently unable to make or receive calls.

This 9-to-5 operation is said to have netted the scammers – who used info from corrupt insiders – between £1m and £2m per week at its height.

“Both public and private organizations openly acknowledge that cyber-attacks are one of the most prevalent and high-impact risks they face, and yet many operate on the basis 'it won’t happen to me',” argued KPMG partner, Hitesh Patel.

“Organizations must keep abreast of the cyber-threats, both physical and digital, to ensure the protection mechanisms don’t become obsolete given the pace of technology and business change. You can have variety of IT protections in place to defend yourself, but it’s all for nothing if you are tricked into giving away the keys to the electronic vault.”

Last week, the Office of National Statistics estimated around 1.9 million online fraud incidents in the UK last year.

“Businesses are often well informed of external cyber-fraud, such as the direct hacking of system, as high-profile breaches often hit news headlines,” argued James Richardson, cyber fraud specialist at Bottomline Technologies.

“Consequently, some companies have invested disproportionate amounts into protecting their systems against cyber-fraud at the cost of internal vulnerabilities. Businesses must adopt a balanced approach when protecting against internal and external payment fraud.”

Source: Information Security Magazine