Resources
Everything you need to know
Company
Security and customers first
Close

Request a demo

Find out today the difference that Hicomply’s unique solution can make to your business.

Close

Thank you for your request

Success

In the meantime, connect with Hicomply for insights on authentication and fraud prevention

Close

ROI Calculator

See how much you could save with Hicomply

Hicomply feature Yearly saving
Automated scoping Easily scope your ISMS with the Hicomply platform
Asset register autogeneration A shorter learning curve for organisations and a simplified process
Risk assessment Autogenerate your risk register and risk treatment plan
Extended policy templates 90% of the essential are already written out of the box
Controls framework All controls are pre-loaded and already linked to the risks they mitigate
Task management Automate all actions, administration and setup time of your ISMS
Real time monitoring Understand status and progress across your ISMS with the Hicomply dashboard
Compliance & Training Your whole team, on the same page
Audit readiness Hicomply makes sure you have everything in place for your audit
Auditor access Give auditors a dedicated login to access and audit your ISM
Back to Knowledge & Insights

Go Phish? How To Avoid Falling Foul Of Fraudsters

As we enter National Cybersecurity Awareness Month, cyber-related fraud offences are on the rise in the UK. Cyber-related incidents made up 61% of fraud offences in the year ending March 2022, compared to 53% in the year ending March 2020 – and overall computer misuse increased by 89%.

Women made up the majority of individuals who reported cyber-dependent crime to the National Fraud Intelligence Bureau in 2022, data shows.

Almost half (47%) of reports came from women, one in three (30%) were from men and the remaining individuals did not disclose their gender.

The data also showed that 25-44 year olds are the most likely to receive a phishing message – but 35-44 year olds are most likely to click it.

Who Is Most Likely To Be Targeted?

A survey from the Office for National Statistics revealed that 35-44 year olds are the most likely age group to be targeted by phishing attacks, with the 25-34 year old age group not far behind.

60% of 35-44 year olds and 58% of 25-34 year olds reported having received a message that may have been phishing, while 5% of 35-44 year olds said they had either replied to or clicked on a link, compared to 2% of 25-34 year olds.

Aiming to raise awareness of phishing for National Cyber Security Month in October, we used the data to build a profile of those most likely to be targeted by phishing.

Phishing attack target and victim profiles

Fraudsters’ Ideal Phishing Target

  • 25-44 years old
  • Employed
  • Female
  • Private renter or homeowner
  • Lives in one of the least deprived areas of England

However, the profile for victims of successful phishing attempts was slightly different, with higher percentages of these groups saying they had replied to or clicked a link in a potential phishing message.

Most Likely Phishing Victims

  • 35-44 years old
  • Female
  • Social renter
  • Lives in one of the most deprived areas of England

Additionally, over half (54%) of survey respondents had received a message from a fraudster pretending to be from a delivery company, 32% from banks or other financial institutions, and 29% from e-commerce companies.

Cybersecurity For Individuals

Zoe Grylls, customer success manager lead at Hicomply, said: “Cyber criminals rely on creating a sense of urgency, so there are some key things that employees can look out for to recognise a phishing attempt. Is the subject line alarming? Is the content designed to evoke emotion? Curiosity, fear, greed and helpfulness are all used to create urgency so the recipient takes action immediately.

“You might be asked to click on something or give your details to avoid a negative consequence, such as missing an important delivery. As the UK cost of living crisis continues, we’re also more likely to see fraudsters posing as utility companies or other service providers. Money is a huge motivator so be careful and check the information in the message matches with the official information on a company’s website.”

Cybersecurity For Businesses

The finance industry was the most targeted in phishing attempts in the first quarter of 2022, seeing almost a quarter (23.6%) of total phishing attacks recorded worldwide. This was followed by software as a service (SaaS) and webmail at 20.5% and e-commerce and retail at 14.6%.

Zoe said: “For businesses, it’s important to invest in training. Run regular simulated phishing attacks, with targeted training if needed. Assess your organisational security awareness and use the results to decide on future training modules for your staff. You can also use tools from dedicated cybersecurity businesses like KnowBe4 or Cofense, which provides a phishing alert button employees can use to flag suspicious emails – you can then blacklist those reported email addresses if they are potentially harmful senders.”

Research company Statista found that phishing and its variations (smishing, vishing and pharming) were the most commonly reported cyber crimes worldwide in 2021, with 324,000 reports. This was almost four times the amount of non-payment/non-delivery reports, the second most commonly reported cyber crime with 82,500 reports.

Methodology

  • To raise awareness of National Cybersecurity Awareness month, researchers at Hicomply wanted to identify individuals most likely to be targeted by phishing attacks
  • They looked at data from the Office for National Statistics and National Fraud Investigation Bureau (see sources below).
  • Experts at the business based the profile of a person most likely to be targeted on the percentage of survey respondents that indicated they had received a message which could be phishing:
    • 59% - 25-44 years old
    • 56% - employed (vs 39% unemployed)
    • 52.5% - private renter or homeowner
    • 56% - live in one of the 20% least deprived areas of England)
    • And percentage of NFIB-reported cyber dependent crime victims (47% female) from 1 Jan 2022-28 Sept 2022.
  • Experts based the profile of a person most likely to fall victim to a phishing attack on the percentage of respondents that indicated they had clicked or replied to a potential phishing message:
    • 5% - 35-44 years old
    • 7% - social renter
    • 5% - live in one of the 20% most deprived areas of England
    • And percentage of NFIB-reported cyber dependent crime victims (47% female) from 1 Jan 2022-28 Sept 2022.

Sources

More Insights

ISO27001
How Much Does ISO 27001 Certification Cost?
ISO27001
The UK Counties Most Impacted By Fraud And…
ISO27001
Cybersecurity In Education: Mitigating The Risk…