Companies increasingly hit by cybercrime

A new analysis conducted by YouGov on behalf of Danske Bank shows that Danish companies are increasingly hit by cybercrime despite the fact that 6 out of 10 companies think they are well-protected against the fraudsters.

Cybercrime and digital fraud have inevitably become an integral part of our vocabulary. Last year alone, Danske Bank saw an increase of 22% in cybercrime attempts, and the fraudsters’ profits went up by 45%. Although the extent of cybercrimes continue to increase, companies do not significantly worry about cyberattacks.


Common methods of cybercrime

Phishing

The fraudsters use fake e-mails to obtain sensitive data

CEO fraud

The fraudsters appear as your manager to obtain sensitive data or money

Invoice fraud

The fraudsters appear as a client or supplier to trick you into updating a legitimate supplier's payment details

Ransomware

The fraudsters obtain data and require a ransom to release it



In Denmark, the most common methods of cybercrime are phishing, CEO fraud, invoice fraud and ransomware, but Danske Bank sees an increase in supplier fraud. In supplier fraud cases, the criminals appear as the company’s supplier and ask the company to pay future payments to a new bank account. In many cases, they use the company’s and supplier’s ongoing e-mail thread, which makes the supplier request seem real.

The fraudsters are becoming even more sophisticated
As digitalisation and software improve, the fraudsters become even better and more sophisticated in their methods, which results in an increased amount of successful cyberattacks. “Something that you need to be especially aware of is the fact that Danish was not widely used by fraudsters in the past, but today fraudsters operate in fluent Danish. Also, the methods they employ are not simple. The fraudsters write, phone, send text messages and use other methods to make their story sound plausible,” says Ketil Clorius, Head of Fraud Management at Danske Bank.


Unfortunately, in a trust-based society such as ours we’re more susceptible in this respect, and it’s easy for us to fall into the trap.

Ketil Clorius

Head of Fraud Management, Danske Bank

 

With the fraudsters’ new methods, awareness and attention have become two of the most crucial elements in companies’ safeguard against cyberattacks. The YouGov-analysis shows that only 22% of the employees with IT responsibilities find it likely that their company will be hit by cybercrime or digital fraud. At the same time, 58% of the employees with IT responsibilities do not perceive cybercrime or digital fraud as a threat to their company. “Unfortunately, in a trust-based society such as ours we’re more susceptible in this respect, and it’s easy for us to fall into the trap,” Ketil Clorius says.

A helping hand
At Danske Bank, fraud management has become an integral part of the bank’s procedures through the implementation of a before-, during-, and after-strategy. With the during-strategy and the bank’s monitoring set-up, Danske Bank can help companies monitor unusual behaviour that can indicate a fraud attempt. “We have a strong team that initiates a dialogue with the company if we see a behaviour that we think is atypical,” says Ketil Clorius.

In general, Ketil Clorius believes that you cannot completely guard yourself from the fraudsters, but you can implement the right software, internal processes and employee learning to protect yourself in the best possible way from the increasing extent of cybercrime.

Few companies worry about cybercrime


15 percent of the employees with IT responsibilities are worried about their company being hit by cybercrime or digital fraud


22 percent of the employees with IT responsibilities find it likely that their company will be hit by cybercrime or digital fraud


36 percent of the employees with IT responsibilities think that their company is not interesting enough to be hacked


39 percent of the employees with IT responsibilities have never had an external advisor to help them with IT-security