Charities at risk of being targeted for online fraud
Charities holding vast quantities of personal data and payment information are at risk of potentially devastating online attacks, intelligence officials have warned.
In one case a charity lost £13,000 after its chief executive’s email was hacked.
The threat to the sector was detailed in the first assessment of its kind published by the National Cyber Security Centre (NCSC).
Experts at the centre – which is part of intelligence agency GCHQ – said charities are falling victim to a range of malicious activity – although the scale is unclear because of under-reporting.
The report said: “The NCSC believe there is considerable variation in charities’ understanding, approach to and application of cyber security. Some charities are aware their data is sensitive, valuable and vulnerable to malicious cyber activity. We believe many, particularly smaller charities, do not realise this and do not perceive themselves as targets.”
Fraud aimed at tricking employees with financial authority into transferring money is increasing, according to the report.
It highlighted one episode in which a charity lost £13,000 after the email of its CEO was hacked and a fraudulent message sent to its financial manager.