How is the cost-of-living crisis causing one-in-10 Brits to engage in ‘illegal or illicit’ online behaviour and how can this be avoided?

How is the cost-of-living crisis causing one-in-10 Brits to engage in ‘illegal or illicit’ online behaviour and how can this be avoided?

Eskenzi PR & Marketing, a leading global PR and Marketing agency for the cybersecurity industry, has released further results from the 2023 Cost of Living Crisis Survey, which aimed to understand how Britons – and the cybercriminals who target them – have been coping with the seemingly ever-worsening cost-of-living crisis.  

The results of the survey found that 11% of Brits were tempted to engage in ‘illegal or illicit online behaviour’ in order to help manage the fallout from the cost-of-living crisis. This statistic becomes even more concerning when focused on younger people, with almost a quarter of 25-35-year-old respondents (23%) willing to consider illegal or illicit online activity, reflecting Britain’s endemic problem of generational wealth inequality.  

While it is obviously concerning that so many Britons are willing to engage in this kind of activity, the reasons underpinning this decision are reflective of the bleak state of the nation in 2023, as the cost-of-living crisis continues to squeeze many households. Of those willing to engage in this kind of behaviour, 56% suggested it was because they are desperate and struggling to get by, with a need to find alternative means of supporting their families.  

While these results show that the general public are responding to the cost-of-living crisis, previous results from the 2023 Cost of Living Crisis Survey showed that cybercriminals are responding in kind: 44% of respondents have also noticed an uptick in online scams hitting their inboxes since the cost-of-living crisis began in late 2021/early 2022. Another worrying finding is that this uptick is proving devastatingly effective for scammers: over one-in-10 (13%) of UK respondents have already been scammed since the crisis began. This rises to a quarter (26%) of respondents in the 18-25 age range, reflecting a hyper-online lifestyle and culture which scammers can work to exploit effectively.  

Perhaps most worrying is that these scams appear to be working. For example, a quarter (25%) of those who have noticed more scams in their inbox since the beginning of the cost-of-living crisis have fallen victim to a scammer, compared to just 3% of those who have not.  

“These findings paint a bleak picture of both the current mood of many UK residents responding to the cost-of-living crisis and of the cybercriminal landscape in which scammers are seeking to exploit the corresponding desperation,” said Yvonne Eskenzi, Founder of Eskenzi PR. 

“The completely natural human desire to protect and support your family is a commendable one, but as experts in the online cybercrime landscape, we would advise anyone tempted to engage in illegal or illicit online behaviour to exercise extreme caution. Adding fuel to this fire simply works to ensure the cycle of misery created continues to wreak havoc on an already vulnerable general public. The best thing that people can do in response to illegal online behaviour is to remain hyper-vigilant to the kind of scams we have seen such a dramatic rise in and follow expert guidance and advice.” 

Javvad Malik, Lead Security Awareness Advocate, KnowBe4 

Javvad Malik, Lead Security Awareness Advocate, KnowBe4 

The cost-of-living crisis is having a significant impact on people’s lives and it is also leading to an increase in illegal and illicit online behaviour. This includes activities such as downloading pirated movies and music, using fake IDs to buy alcohol or cigarettes and buying drugs online. 

There are a number of reasons why people are turning to illegal activity. One reason is that they are looking for ways to save money. For example, people may download pirated movies and music instead of paying for them, or they may buy fake IDs to buy alcohol or cigarettes at a lower price. Another reason is that people are looking for ways to get access to goods and services that they cannot afford, such as drugs. 

The cost-of-living crisis is also leading to an increase in cybercriminals taking advantage of people’s financial desperation by targeting them with scams and phishing attacks. For example, cybercriminals may send emails that appear to be from legitimate companies, such as banks or credit card companies. Other emails may include job offers which sound too good to be true, or easy work-from-home money-making schemes. These emails may contain links that, when clicked, install malware on the victim’s computer. Once the malware is installed, the cybercriminal can steal the victim’s personal information, such as their bank account details or credit card numbers. Even worse, people may unwittingly be drawn into criminal activity for which they can be arrested.  

There are several things that can be done to avoid engaging in such behaviour. One is to be aware of the risks involved. People should think carefully about the consequences of their actions before engaging in any suspicious activity. Another is to be careful about what information they share online. 

The cost-of-living crisis is a serious problem and it is having a negative impact on people’s lives. However, there are things that can be done. By being aware of the risks, being careful about what information is shared online and using strong passwords, MFA and up-to-date software, people can help to protect themselves from cybercrime. 

Here are some extra tips to staying safe online:  

  • Be sceptical of any unsolicited emails or messages that you receive, especially if they offer something that seems too good to be true. 
  • Never click on links or open attachments in unsolicited emails or messages. 
  • Keep your software up to date with the latest security patches. 
  •  Be careful about what information you share online, especially your personal information. 
  • If you think you have been a victim of cybercrime, report it to the authorities. 

Jamie Akhtar, CEO and Co-founder of CyberSmart  

Jamie Akhtar, CEO and Co-founder of CyberSmart  

The cost-of-living crisis is putting significant strain on both businesses and individuals alike to make ends meet. In fact,recent research by CyberSmart revealed that nearly a third of UK SME employers have had to freeze salaries, which, accounting for inflation, means a decrease in real wages. A further 11% have even had to reduce salaries altogether. On top of that, almost a quarter of SMEs have hit pause on recruitment, while 16% are letting go of employees for budgetary reasons. This combination of employment and financial instability, alongside heavier workloads as fewer people are compelled to cover for those dismissed, is the perfect recipe for overworked, overwhelmed and resentful individuals. 

Whether out of desperation or retaliation, some of the more tech-savvy among them may turn to illicit or illegal online behaviour. In fact, as many as 17% of SME employers believe their staff will seek to harm the company’s reputation due to resentment over salary cuts/stagnation and/or layoffs; and a fifth believe they will steal sensitive or proprietary data from the company to sell for a profit or for competitive advantage. 

With the commoditisation of cybercrime, it has also become fairly straightforward for individuals to buy the tools and expertise they need to run a successful cyberattack – be it a ransomware or phishing campaign – and extort or manipulate others for money this way. Phishing kits on the Dark Web can cost as little as US$50; a small investment for, potentially, great reward. 

In order to avoid individuals going down this path, it is crucial that senior leaders check in with their staff, respond with empathy and offer support, where possible. This could include pointing them in the right direction for government-backed or charitable resources.National Debtline, for instance, offers free, impartial financial advice, whileEnergy Savings Trust offers advice to reduce home energy usage and its associated costs.   

From a technical standpoint, businesses should also implement clear policies and procedures for deprovisioning as well as limit employee data access privileges according to their role within the business. All data should also be encrypted and documents backed up. Last but not least, it is important that teams undergo regular security awareness training to instil best practices. 

Brian Higgins, Security Specialist at Comparitech 

An underlying factor enabling the uptick in potentially illegal online activities is a lack of awareness or understanding of the Computer Misuse Act (CMA). It isn’t taught anywhere, despite considerable lobbying to have it included on the National Computer Science curriculum, yet almost 90% of UK households have some kind of computer or device. It’s no wonder, then, that the lines of criminality are blurred in most people’s minds and this is clearly a contributory factor in the reported rise in engagement in illicit or criminal activity as many perpetrators may not even realise that they are breaking the law. 

Couple this with the research findings that ‘almost a quarter’ of 25–35-year-old respondents were ‘willing to consider illegal or illicit online activity’ in an attempt to alleviate their current financial woes as they represent a generation who’s first response to any challenge, question or problem is the Internet. They are better equipped to find and engage with less traditional online money-making opportunities, but an unregulated Internet means unregulated content and even the CMA can’t deal with that. 

Also, any large-scale, global or social crisis; war, earthquake, economic collapse will always result in a major mobilisation of cybercriminality. The gangs and organisations responsible have a keen eye for any opportunity and little care for those affected. Fear, Uncertainty and Doubt (FUD) are the foundations of any successful phishing campaign so preying on the FUD surrounding the inability to pay the bills or feed the family is a no-brainer, especially since pretty much everyone in the UK is in the same boat somehow. It’s not like attacking a bank or retail platform and going after a finite customer base, the attack surface here is the whole country and that certainly ups the numbers considerably. As the interest rates continue to rise and the bills and prices follow suit, more and more people will run out of savings or goodwill and FUD will lead them to look for other ways to stay afloat. Once the help and support dry up, the Internet is the only place left to turn. 

There’s an old law enforcement quote that says: ‘You can’t arrest your way out of cybercrime’ and that’s particularly pertinent here. The only way to turn this tide is through education but it will need to be a much stronger tide before anyone is willing to pay for that. 

Browse our latest issue

Intelligent CISO

View Magazine Archive