The 2013 Kroll Global Fraud Report found that 70 per cent of companies were affected by fraud in the past 12 months, up from 61 per cent for the previous year. Increases were found in every category of fraud covered by the study.
According to the study, 81 per cent of respondents think their business has become more exposed to fraud in the last 12 months, with businesses on average suffering from 2.3 different kinds of fraud in the past year. Some 72 per cent of respondents were found to have been hit by fraud by at least one insider, up from 67 per cent last year.
Tom Hartley, CEO of risk mitigation experts Kroll, said it was “no surprise” that global incidence of fraud is rising, adding the measure of a good company is how they prepare for fraud, how they deal with it and how they move on.
He said: “It’s not just about avoiding fraud, which is almost inevitable, it’s also about how you respond.”
Information fraud was found to be the second most common type of fraud, affecting more than one in five businesses in the last year (22 per cent). The study found that 21 per cent of companies are highly vulnerable to information theft and 75 per cent are at least moderately vulnerable.
The complexity of IT infrastructure was cited as the biggest factor increasing their exposure to fraud by 37 per cent of respondents. The study found that attacks by external hackers have almost doubled from 18 per cent to 35 per cent, while 17 per cent of information theft victims suffered due to a hacker attack on a vendor or supplier.
In addition, 39 per cent of companies who suffered from information theft in the past year admitted it was an inside job and an employee was to blame.
Hartley added: “Cybercrime is a growing threat for businesses but many businesses are under-prepared for it.
“A third of them say they don’t currently invest in IT security and while companies that are planning to increase investment are focusing on technology, they are neglecting elements such as staff screening and due diligence on partners, clients and vendors.
“These processes are key to mitigating the insider threat, which often can’t be detected by anti-fraud technology or physical security.”