October is Cyber Security Awareness Month
October 2, 2024
According to data from Action Fraud, the national fraud and cybercrime reporting service, more than 33,000 people had their social media or email accounts hacked in the 12 months to August 2024, and victims lost a total of £1.4 million.
Fraud is now the most commonly experienced crime in the UK, with 1 in 17 adults falling victim to fraudsters. The National Fraud Intelligence Bureau indicate that 80% of fraud is cyber-enabled.
October is Cyber Security Awareness Month, an international initiative that aims to educate everyone about cyber safety. To mark the event, Action Fraud and NHS England have launched awareness campaigns to remind people that there are simple ways to protect themselves and our NHS from online threats.
The message from NHS England is clear, cyber crime threatens patient safety, it can be a matter of life and death, but adopting the following good cyber behaviours is a great defence against cyber criminals:
- use strong passwords
- turn on multifactor authentication
- recognise and report phishing
- keep up to date with learning
You find out more about the NHS England campaign and access resources
here.
You can find out more about the Action Fraud campaign here and find more information about protecting yourself from fraud, here.
Share this news story...
Section 199 of the Economic Crime and Corporate Transparency Act 2023 (ECCTA) introduced a new corporate offence that significantly raises the bar on fraud risk management. Large organisations can now be criminally liable if an employee, agent, or other associated person commits fraud for the organisation’s benefit—and the organisation did not have reasonable fraud prevention procedures in place. This is a strict liability offence. Prosecutors do not need to prove senior management knowledge or intent. If fraud occurs and the organisation cannot demonstrate an adequate prevention framework, liability follows. The only defence: reasonable procedures The sole statutory defence is that the organisation had reasonable procedures in place to prevent fraud, or that it was reasonable not to have such procedures. In practice, regulators have made clear that “reasonable” will be interpreted robustly. Organisations should be acting now to: Conduct a documented fraud risk assessment covering business models, revenue streams, incentive structures, third-party exposure, and jurisdictional risk. Design proportionate prevention controls aligned to identified risks, including financial controls, approval thresholds, segregation of duties, and oversight of agents and intermediaries. Set the tone from the top , with clear board ownership, senior accountability, and demonstrable commitment to fraud prevention. Implement targeted training and communications so employees and associated persons understand fraud risks, red flags, and reporting routes. Maintain monitoring, reporting, and review mechanisms , including whistleblowing channels, audits, and periodic reassessment as the business evolves. Evidence everything . Policies without implementation, or controls without records, will not support a defence.
Thank you to everyone who attended one of our fraud prevention webinars in 2025. For those who missed them, you can now watch all the recordings at your convenience on the SAFE YouTube channel. Whether you want to find out more about the drivers of fraud, or explore strategies for preventing emerging threats such as dual employment and imposter fraud, we've got a webinar for you. All the links you need are below, and we've included links to additional resources available elsewhere on the SAFE website.
SAFE – Security and Fraud Experts and Dorset HealthCare University NHS Foundation Trust are proud to be part of Project WISE (Workforce Integrity and System Efficiency), a proactive initiative using data and advanced analytics to strengthen fraud detection across the NHS. The NHSCFA estimates that £1.346 billion of NHS funding is vulnerable to loss through fraud, bribery and corruption in England. With fraud posing a significant risk to NHS resources each year, we’ve joined forces with the NHS Counter Fraud Authority and four other NHS organisations across the South East and South West to pilot this first-of-its-kind initiative. The pilot is helping to identify emerging fraud risks and patterns, turning complex data into actionable intelligence that supports local and regional counter fraud teams.
