Rising rates of cyber crime and violence against staff are emerging as significant threats in the United Kingdom’s retail industry.
New crime figures from the British Retail Consortium (BRC) show that 53 percent of retail fraud is now cyber-enabled.
Customer data held by retailers is highly valued by cyber criminals. Image: pixabay-1654709
Cyber-enabled crime includes – but is not limited to – the following examples:
– Phishing: such as obtaining user names and passwords information via bogus emails
– Theft of computer-based data
– Doxing: revealing user identities online by tracing their digital footprint
– Pharming: directing users to fake websites, even via correctly entered URLs
– Social engineering: manipulating people online so they give up their personal details
– DOS (denial of service) attacks: overloading a server in order to bring a website down
The BRC’s 2016 Retail Crime Survey also reveals a 40 percent rise in violence and abuse against retail staff compared with the previous year.
In 2015-2016, there were 51 incidents of violence and abuse per 1,000 staff compared with 36 per 1,000 in 2014-2015. The biggest increase has been in aggressive and abusive behavior.
Helen Dickinson, Chief Executive of the BRC, says:
“These figures reflect a deeply concerning trend. Attacks on retail workers are intolerable, as are attempts to defraud customers.”
When asked which types of crime they believe will represent the biggest threats to their business over the next few years, retailers put cyber attacks and violence as the highest priority issues.
Customer theft accounts for biggest proportion of retail crime
The BRC report finds that incidence of crime has risen compared with the previous year, with customer theft continuing to dominate in terms of size of direct cost of crime.
The total direct cost of crime for the UK retail industry 2015-2016 was £600 million, which breaks down as follows:
– Customer theft £438m
– Fraud £183m
– Employee theft £13m
– Burglary £11m
– Theft by others £7m
– Robbery £5m
– Criminal damage £3m
Cyber crime accounts for around 5 percent of total cost
The report notes there are considerable difficulties in measuring the exact cost of cyber crime and internet-enabled fraud, and indeed, the harm they cause are not limited to financial losses.
Nevertheless, from their survey data, the BRC estimates that cyber crime such as hacking and data breaches account for around 5 percent of the total direct cost of crime to retail firms. This represents a loss to the industry of around £36 million a year.
The survey also asked retailers to assess the extent to which the fraud they suffered in the last year came as a result of online activity – that is cyber-enabled fraud.
This was estimated to be 53 percent of total fraud – representing around 15 percent of the total cost of crime, or a direct cost to the industry of around £100 million.
Customer data highly attractive to cyber criminals
The report notes that the customer data held by retailers is highly valued by cyber criminals, many of whom are based outside the UK but can readily access UK digital networks.
While the industry can do more to protect its retail firms, the report suggests it is now time for the authorities to step in and also give more support to stop cyber-enable crime.
The BRC will be publishing a cyber security toolkit for retailers next month.
Dickinson says that while retailers are working hard to ensure the safety of their staff and customers, there is a need for the industry to work closely with government, private security, and law enforcement to fight this “rising tide” of cyber crime and violence against retail staff.
“There is work to do to further improve collaboration between the UK retail industry and its partners, and raise standards of security and policing of these threats across the country,” she concludes.