Search

Published on 30th November 2023

Tips to Protect Your Charity from Cybercrime

There has been a continued increase in cybercrime in recent years, which is a concern for all entities, including charities. Cybercrime takes many different forms and can involve data breaches, identity fraud or phishing emails.

What makes Charities so vulnerable?

Charities can be targeted for a number of reasons, some of which are common for all types of organisations. But some of these are increased as a result of being a charity. These include:

  • The number of online donations has increased year on year recently. But a particularly significant increase has been seen in the past 2 years due to the pandemic changing the way we engage with charities. These online payments can be more susceptible to hacking.
  • Hybrid and remote working has become increasingly common as a result of the pandemic. This can lead to a weakening of internal controls. And with the government announcing that that way to get more people back into the workplace this is only set to rise
  • The number of phishing and malicious emails is increasing. They are also becoming more realistic and less easy to identify. Thanks to tools like ChatGPT and other AI tools figuring out what is real and what is a scam is more difficult than ever before
  • Due to the cost of living crisis, limited funds and cost savings being made, charities may have fewer online security controls in place.
  • Charities are unlikely to have a trustee on the board responsible for monitoring cybercrime.

How can Trustees protect against Cybercrime?

Despite the increasing levels of cybercrime, there are steps that charities and their trustees can take to protect them from cybercrime. Charities and their trustees should ensure that:

  1. IT processes and procedures are fully understood.
  2. The correct software for protecting confidential information is in place.
  3. They have a trustee on the board responsible for cybercrime and related IT security.
  4. Staff have sufficient training on the topic. This includes spotting a fraudulent email, following internal control procedures and using strong passwords.
  5. Any instances of cybercrime are reported both internally, and externally where necessary.

For further advice or tips, get in touch with a member of our Charity and Not for Profit team on 01903 234094.

Claire O’Leary Senior Audit Manager Contact Claire O’Leary >

Related news

What type of work do you do in your first month as an audit trainee? POSTED 8th May 2024 By Claire O'Leary UK entity with international ownership: Audit regulations POSTED 10th April 2024 By Joshua Roberts A week in the life of an audit trainee at Carpenter Box POSTED 5th April 2024 By Claire O'Leary Charities Act 2022: Changes from 7 March 2024 POSTED 13th March 2024 By Robin Evans What does an Auditor do? POSTED 26th February 2024 By Andrew Le Fevre What is an Audit? POSTED 6th February 2024 By Andrew Le Fevre Strengthening Financial Confidence: Assurance Reviews and Agreed Upon Procedures POSTED 29th December 2023 By Alaina Cryer What Are the Advantages of Back-Office Operations Outsourcing? POSTED 1st December 2023 By Joshua Bowen Charities: Get to know your volunteers POSTED 27th November 2023 By Claire O'Leary Preparing for an Audit – The Unofficial Survival Guide POSTED 17th November 2023 By Kristina Perry