One in Eight Charities Have Experienced Cybercrime in Last Year
Charities have seen an increase in cybercrime in the last 12 months, the Charity Commission reports. Housing Industry Leaders looks at the research and its findings.

Ahead of a major awareness campaign, the non-ministerial department said 12 per cent of UK charities had reported experience of cybercrime.

One in eight charities told the Charity Commission that their organisation had experienced cybercrime in the last 12 months, with phishing and impersonation being the top two methods that cybercriminals have used to commit fraud against charities.

Charities Have Held Significant Levels Of Personal Data Due To The Pandemic

Over half (51 per cent) of charities hold electronic customer records, with 37 per cent of charities accepting online donations.

The Charity Commission said: “It’s important that charities get in touch with the Commission where there has been a serious incident, even where there may be no regulatory role for the Commission.”

This helps the regulator to identify trends and patterns and help prevent others from falling victim to fraud.

The Commission found that the digitisation of charities, especially during the pandemic, has led to charities holding significant levels of personal data.

However, the research found that only 24 per cent of responding charities had a formal policy in place to manage cybersecurity risk, and only 55 per cent of charities said cybersecurity was a high priority within the organisation. While just one-third (34 per cent) of charities had reported a breach.

Simple Steps Must Be Taken To Protect Charities

Amie McWilliam-Reynolds, Charity Commission Assistant Director Intelligence and Tasking, said: “Online financial transactions and the collection and storage of personal data also harbour risk, and we are concerned that some charities may be underestimating that risk and are therefore exposing their charity to potential fraud.”

We hope that projects like Charity Fraud Awareness Week help raise awareness among trustees and charity staff of the risks they may face and of the advice and guidance available to support them in protecting their charity from fraud.

The Commission said charities need to take simple steps to protect the organisation, including changing passwords regularly, using strong passwords and two-factor authentication, updating training and policies, making back-ups of data using the cloud and making sure antivirus and all other software is patched to the latest version.

Amie added: “Preventing and tackling fraud is not a ‘nice to have’. It is vital that every penny given to charity makes a positive difference, especially during these straitened times, when donors, charities, and those they support face mounting financial pressures,”