Fighting retail fraud with fire
Read time: 3 mins Added: 30/07/25
Retailers are a prime target for cyber criminals and fraudsters, but what steps can you take to reduce the risk of attacks and maintain business as usual?
Almost one-third (32%) of UK retailers identified cybersecurity breaches or attacks in the previous 12 months1. While larger businesses are more likely to be targeted due to the significantly higher potential rewards, as a smaller retailer, you can’t afford to ignore the hidden risks.
For example, could your business cope financially if you lost out on a week’s trading because your systems were compromised?
Here’s a quick overview of how your business and customers could be affected:
- Malware is any intrusive software developed by cybercriminals to steal data and damage or destroy computers and computer systems2
- Phishing involves the sending of fraudulent communications that appear to come from a legitimate and reputable source, usually through emails and texts3
- Ransomware is a type of malicious software or malware. It encrypts a victim's data, after which the attacker demands a ransom4
Retailers are an attractive target for fraudsters because they process a large number of card transactions daily. In 2025, retail Ecommerce sales as a share of total retail sales in the UK are predicted to reach approximately 38%5.
Fending off the card sharks
The impact of card fraud on small retailers doesn’t end immediately after an attack. Over 90% of customers spent less in the six months following a fraud incident6.
One of the main ways to increase your cybersecurity resilience is through secure online payment gateways and encryption. However, knowing the full range of threats from unexpected sources is essential.
The need for being up-to-speed
Ensuring you and your staff can identify the tell-tale signs and escalate potential fraud cases quickly can save your business money.
It’s also vital to vet potential employees when recruiting, especially when hiring temporary or seasonal contract staff. For example, you may want to conduct criminal record and credit checks for specific roles.
With cyber-attacks becoming increasingly more sophisticated through AI and other technologies, you can’t rely solely on your staff for prevention. Utilising fraud detection software and transaction monitoring can be invaluable tools for your retail business.
IT issues outside your control
Even when you’ve taken all the measures you can, your business could still be vulnerable to third-party data breaches and financial fraud from suppliers and partners. For example, issues can stem from malware that no one knows is running in the background.
It’s also wise to review cyber insurance options to mitigate your financial risks. Even more important is fully understanding the coverage and limitations of insurance policies so you know what is and isn’t included.
Preventing the worst-case scenario
Here are seven steps to help prevent cyberattacks and reduce their impact:
- Back up your data daily in the cloud so you don’t lose access to it
- Review staff permissions to things such as downloading apps, and limit use of USB sticks from outside your organisation
- Change passwords regularly on devices such as in-store tablets and ensure the passwords are suitably complex
- Use two-factor authentication on staff email accounts so hackers can’t access them
- Inform your customers as soon as possible that their details may have been hacked so they can take any necessary action
- Create a cybersecurity plan so your staff know what’s expected of them
- Sign up to cybercrime alerts from ActionFraud
You can learn more in the National Cyber Security Centre’s guide for small businesses.
Bank of Scotland business customers don’t have to tackle cyberattacks and fraud alone. There is support and guidance available to you should you become a victim of a cyberattack or fraud.
You may also be interested in
1 GOV.UK - Cyber security breaches survey 2025
2 Cisco - What is malware?
3 Cisco - What is phishing?
4 Cisco - What is ransomware?
5 Statista - E-commerce share of retail sales revenue in the United Kingdom (UK) from 2020 to 2025
6 Visa - Research reveals two in five UK SMBs have lost money to fraudsters