According to the Charities Aid Foundation (CAF), November and December are the peak months for donations to charity. It’s no surprise with the number of opportunities we get to give during the festive season.
However, not everyone feels so generous at this time of year. The National Fraud Intelligence Bureau (NFIB) released a national alert earlier this year highlighting the insider threat of fraudsters and cybercriminals to charities.
They have found that over 50% of organisations have suffered an insider attack in the previous year and that charities are just as vulnerable to insider threats as the private or public sector.
While you may imagine a cyber-criminal as a malicious stranger, the harsh reality is that it’s not uncommon for a cyberattacker or fraudster to be someone from within your organisation such as a trustee, employee or volunteer.
Their research found that 43% of insider fraud incidents within a charity are committed by an employee, 33% are committed by a trustee, and only 10% are committed by a volunteer.
This form of fraud can potentially be more devastating than an attack by an outsider as insiders typically have a deeper knowledge of the organisation’s inner workings, including how to access sensitive data. After the incident, 43% of charities who had suffered insider fraud believed that the main cause of the incident was excessive trust in a single individual.
Follow these guidelines to help prevent insider fraud within your charity:
- Limit access to sensitive files so that only relevant, trusted members of staff can see the documents. Consider encrypting your files as well.
- Closely monitor staff activity on IT systems.
- Establish clear policies on fraud and make sure your staff is aware of them.
- Finally, report any fraud incidents to Action Fraud and the Charity Commission.
For additional government information on preventing fraud, click here.
If you are a charity looking for cyber cover, please visit Cyberguru.co.uk for more information on Cyber attacks and what we can do to protect you in the event of one.
Similarly, if you’re a charity looking to insure against theft by employees or any other aspects of your operation, please do get in contact with Insync Insurance who could find you a quote that could save your charity money.