Think before you click: The most common cybercrime tactic to be aware of

Updated: Jan 20

Did you know that 39% of businesses and 26% of charities in the UK had a cyber security breach or attack in the previous twelve months? These are figures taken from the most recent Cyber Security Breaches Survey produced by the government annually. The report also highlights the increase in remote working as a direct result of the COVID 19 pandemic. This in turn, has increased many organisations vulnerability to a cyber-attack.


In Wales alone, the National Fraud Intelligence Bureau data shows there was over £53 million lost to fraud and cybercrime last year, which for a nation of three million people is a lot of money to have stolen by criminals.


Regional businesses, charities and sole traders can’t afford such detrimental losses so, what do organisations need to be doing to protect themselves? As these figures demonstrate, there has never been such a critical time to be putting in measures, so you don’t join those statistics. There are simple steps that you can take to reduce your vulnerability and the Cyber Resilience Centre for Wales (WCRC) can help you with this.


The most common threat currently used by a cybercriminal is a phishing email. This may be a general widespread attack, or a more focused assault on your organisation. The key to defending yourself against this attack is staff awareness so that all employees understand the key elements to recognising a phishing email if or when they receive one. This means that your organisation is in a far stronger position to falling victim to being hacked and blackmailed.


Yet we all make mistakes, and one can easily slip through the net, especially when we’re very busy or under a lot of stress. Clicking on a corrupt attachment or link may mean malware is downloaded to your computer which could be used to reveal your passwords, to access your email account, send emails pretending to be you, or to steal client data and blackmail you for its return. The malware may be in the form of ransomware, which means that all the data you have on your computer or network is encrypted, and you must pay the criminals to get your data back.


Make 2022 the year to make yourself safer to online attacks. Contact the WCRC and let us help you take those easy actions to protect yourself, and then keep up to date with the latest threats. It may be that you want to set your goal higher and look to achieve Cyber Essentials (a cyber security standard aimed at businesses and organisations) which we can also assist you with by providing details of certification bodies that can help you achieve this.


The contents of this website are provided for general information only and are not intended to replace specific professional advice relevant to your situation. The intention of The Cyber Resilience Centre for Wales is to encourage cyber resilience by raising issues and disseminating information on the experiences and initiatives of others. Articles on the website cannot by their nature be comprehensive and may not reflect most recent legislation, practice, or application to your circumstances. The Cyber Resilience Centre for Wales provides affordable services and Trusted Partners if you need specific support. For specific questions please contact us.

The Cyber Resilience Centre for Wales does not accept any responsibility for any loss which may arise from reliance on information or materials published on this document. The Cyber Resilience Centre for Wales is not responsible for the content of external internet sites that link to this site or which are linked from it.