A recent government survey has revealed that over two-thirds of high-income charities had recorded a cyber breach or attack in 2018. Of those charities affected, the vast majority (over 80%) had experienced an attack in the form of fraudulent email phishing.
All charities should be vigilant to the threat of cybercrime and make sure appropriate defences are in place, including raising awareness with all staff and volunteers. Implementing the five steps below will help mitigate cybercrime risks and protect your charity.
Back up your important data on a regular basis and ensure the backups can be recovered and restored quickly
Protect your charity from malware by switching on your firewall, installing antivirus software, avoiding the download of unknown apps, keeping IT equipment, software and apps up to date and limiting the use of USB drives and memory cards
Keep smartphones and tablets safe with robust password protection, and track, lock and wipe missing devices
Avoid connecting to unknown wi-fi hotspots
Check your digital footprint and remove unnecessary information that could be used by hackers from the website and social media.
If your charity has fallen victim to cybercrime, or any other type of fraud, you should report it to Action Fraud by calling 0300 123 2040, or by visiting the Action Fraud website. Charities should also report fraud to the Charity Commission as a serious incident via RSI@charitycommission.gov.uk. The Commission expects prompt, full and frank disclosure of incidents from trustees.