Over a third of Irish businesses have been targeted by fraudsters in the past 12 months, according to a survey by Bank of Ireland.
Although the ways in which small and medium-sized enterprises (SMEs) experienced fraud varied, the most common forms included receiving bogus invoices that appeared to be from a vendor but containing amended bank account details.
This was followed by staff being contacted directly to make an out-of-course payment.
Email was the most common way to infiltrate a business, the survey found, followed by phone calls, with staff emails being the most likely to be compromised or targeted.
The study found that “persistent fraud attacks” were costing businesses significant sums with the average loss associated with frauds targeting SMEs put at €3,992 in 2020.
Despite this, the bank said, 60 per cent of SMEs who fell victim to fraud or attempted fraud in the past 12 months did not report it to their bank or to gardaí, with only 23 per cent reporting it to their business’s bank.
Work practice changes due to Covid-19 were also found to be causing fraud concerns for SMEs with 19 per cent feeling they are now more exposed.
Brexit is also weighing on fraud concerns with more than one in 10 SMEs feeling more exposed to fraud because of Brexit-related business changes.
When it came to prevention, 73 per cent of SMEs insisted their business has adequate safeguards, yet more than three quarters reported not completing staff training on business fraud in the past year.
Bank of Ireland said staff were the first line of defence in the fight against business fraud
“Over the past 12 months, and especially since the Covid-19 pandemic began, incidents of cybercrime and fraudulent activity affecting customers and businesses are a growing concern,” the head of fraud at Bank of Ireland, Edel McDermott, said.
Ms McDermott also highlighted a disparity between SME perceptions of their safety levels against fraud versus the actual training and processes they have in place.
“We would advise businesses to make sure their fraud prevention processes are up to date and fit for purpose in a remote-working world,” she said.
“Fraudsters’ tactics may change but the message around safeguarding business remains the same. Never send money somewhere just because you were asked to do so in an email,” she said.
“Be suspicious of an unusual or unexpected request from a business contact. Always pick up the phone to a known contact and double check that a request is legitimate,” she said.