More than half of retail fraud is now cyber-enabled, amounting to approximately £100 million in losses.
The annual Retail Crime Survey from the British Retail Consortium (BRC) reveals that ever more sophisticated forms of crime are being perpetrated against retailers and their customers, which include cyber-enabled crimes such as phishing, theft of customer data, doxing and social engineering, as well as other scams.
The survey covered 37 percent of the UK retail industry by turnover and 35 percent by staff, accounting for 1.1 million employees.
Crimes such as hacking and data breaches represent five percent of the total direct cost of crime to retail businesses, which is an approximate direct financial loss to the industry of £36 million per annum.
Half of respondents cited cyber-attacks as one of the most significant future threats, supporting the mantra that the UK's business crime landscape is rapidly evolving.
Alongside the considerable amount of financial and societal harm being inflicted, there is little sign that the threat is subsiding. Most respondents (91 percent) reported that the overall number of cyber-breaches is increasing (36 percent) or remaining the same (55 percent).
Twenty-nine percent of retailers reported that their business had seen an increase in malicious insider incidents in the past two years.
Respondents indicated that the biggest increases in cyber-related incidents against retailers are in phishing (50 percent) and denial of service attacks (33 percent).
Seventy-nine percent of retail businesses felt that their ability to recruit staff with cyber-security expertise is manageable.
Retailers continue to heavily invest in training as 94 percent of respondents indicated that they provide training in cyber-security.
There is enormous scope for improvement around how the police work with retailers, and vice-versa, to tackle cyber-crime. The ongoing concern is that Action Fraud, the UK's fraud reporting system, is not operating effectively. In relation to the UK Government's performance on cyber-security, more than half of respondents indicated that it is “poor” or “very poor”.
“In 2017, we aim to work more closely with key stakeholders to reduce the impact of particularly the highest priority forms of retail crime, such as cyber-crime,” Helen Dickinson OBE, chief executive at the BRC said.
Henry Rex, programmer manager for justice and emergency services at techUK comments by email: “The adoption of online crime reporting tools, allowing the swift reporting of offences and online submission of digital evidence, could dramatically speed up the time it takes to process cases and increase the likelihood of guilty pleas.
Rex added: This would go some way to address the fact that 56 percent of retailers surveyed believed police performance to be poor. Businesses, police forces and the tech industry must work together to ensure that all parties have the skills, tools and knowledge to prevent and detect crime.”