Small businesses lose an average of 800 GBP a year to internet fraud and other online crimes, according to a survey by the Federation of Small Businesses (FSB).
The FSB’s report, “Inhibiting Enterprise: Fraud and online crime against small businesses” (2009) revealed that 54% of UK businesses have fallen victim to online crime in the last twelve months, with 15% being affected by viruses and hackers, and 37% being exposed to phishing emails, where fraudsters attempt to obtain sensitive information by posing as legitimate sources.
According to the FSB, such crimes typically cost small businesses between 500 GBP and 5,000 GBP, while the average cost is 768 GBP a year, yet the report revealed that around one third of small firms do not report online crime to the police or their banks because of “a lack of faith in the system”.
However, 85% of respondents in Scotland and England said they would report fraud if a designated reporting centre were set up to gather data and use it to fight the crime and follow through with prosecutions – a system similar to that already established in Wales. The report also revealed overall weaknesses in businesses understanding of how online crime is policed, with 53% stating that they needed clearer information about how and where to report this type of crime.
Mike Cherry, Federation of Small Businesses Home Affairs Chairman, said, “E-crime is becoming an increasingly serious issue for small firms, which are losing up to 800 GBP a year to fraud and online crime – a cost which could have a significant impact on a small business.”
When a business is hit by computer crime, it generally stands a much better chance of recovery if backed up by a strong and well enforced incident response policy. Core to this is prompt reporting of the incident so that experts can be called in to gather evidence. Such evidence must be obtained by qualified professionals, known as computer forensic experts, who conduct their investigations in line with guidelines set out by the Association of Chief Police Officers. If computer equipment is examined by untrained IT staff, or there is a delay in reporting the crime, evidence could be lost, corrupted or contaminated, making perpetrators harder to trace and reducing the chances of successfully securing a conviction.
Mr Cherry added, “The internet is a huge and unregulated area but businesses have to have confidence that there are at least some structures there to support them. It is important that the Met Police E Crime Unit and the National Fraud Reporting Centre must work hand in hand to set up an effective system to gather intelligence and use it to investigate and prosecute when this crime occurs. Businesses are currently simply being left very exposed.”