Report

UK fraud losses close to £1.3bn, reveals new report

BY Fraser Tennant

More than 4 million cases of fraud resulting in a financial loss of almost £1.3bn were reported in the UK in 2025, according to a new report by UK Finance.

In its ‘UK Finance Annual Fraud Report 2026’, the association reveals that there were nearly eight cases of fraud per minute across the UK in 2025 – an 11 percent increase on the previous year and a 31 percent rise since 2023.

The scale and sophistication of fraud is also growing rapidly, driven in large part by criminals deploying artificial intelligence (AI). Specifically, investment scams saw losses soar by 40 percent in a year to a new record high, while purchase scams also hit record levels, as did romance fraud.

The report also shows that most authorised push payment (APP) fraud cases – 248,070 cases were recorded in 2025 with losses of £576.4m – start online or through telecommunication networks.  

Building on the UK government’s Fraud Strategy 2026-2029, UK Finance is calling for stronger, enforceable responsibilities to be placed on companies, including tackling fraudulent advertising by having Ofcom place stronger and proactive fraud prevention obligations on high-risk platforms.

Also recommended is for online marketplaces to verify their sellers and use secure payment mechanisms rather than allowing separate bank transfers to take place off the platform. This, believes UK Finance, would address purchase fraud, which often starts on marketplace sites.

“Fraud operates on an industrial scale, harming people, businesses and the UK economy, typically funding serious and organised crime in the UK and globally,” said Ruth Ray, managing director of economic crime at UK Finance. “The financial sector invests huge amounts in protecting customers, but we cannot be the only line of defence. It is clear we are not tackling the underlying problem effectively enough.”

To share the burden, Ms Ray is looking to firms in the technology and telecommunications sectors to contribute financially, as well as sharing expertise, intelligence and capabilities to support proactive fraud prevention.

“Given most APP fraud still starts via online technology platforms or via telecoms, we urgently need stronger, enforceable responsibilities to be placed on these sectors,” concluded Ms Ray. “This is the way to reduce the harm and stop criminals and technology companies profiting from these devastating crimes.”

Report: UK Finance Annual Fraud Report 2026

Ransomware continues to pose biggest cyber threat – report

BY Richard Summerfield

According to a new report from S-RM and FGS Global on cyber incidents, ransomware remains the biggest threat to organisations, but the widespread implementation of artificial intelligence (AI) by businesses is creating new opportunities for cyber criminals.

The report, which draws on data from over 800 incidents recording over 2025, notes that the cyber threat landscape is changing, and companies must respond accordingly.

The adoption of AI agents and automated workflows is helping to create new categories of non-human identities that can inadvertently amplify the impact of a cyber attack. Furthermore, cyber criminals are employing AI to create personalised attacks, and to identify, exploit and damage secret corporate information.

The report also notes that the number of businesses paying ransoms has increased for the first time in two years, with industrials and manufacturing companies paying more often, likely due to the operational disruption caused by these attacks.

According to the report, 24 percent of ransomware victims ended up paying out in 2025, up from 14 percent in 2024. The US continues to be at most risk of cyber attacks, with 60 percent of incidents involving US-based organisations. Asia-Pacific also recorded an increase in attacks. Over 760 organisations across the Asia-Pacific region were named on ransomware leak sites, a 59 percent increase on the previous year. The UK saw a 5 percent increase in cyber victims from 2024 to 2025.

In 2025, organisations encountered 67 different threat actors, an increase of 16 percent from the previous year. The average ransom paid was $296,000, with $1.9m the highest recorded payment cited in the report.

“We are moving into uncharted territory where the speed and sophistication of cyber attacks are out maneuvering traditional defenses,” said Jamie Smith, global managing director, cyber security at S-RM. “What once took weeks now takes days, and what took days, now takes hours. Attackers are no longer just encrypting systems; they are using AI to find the most sensitive information that could cause maximum damage to an organization and using this as leverage. The result is more targeted extortion that goes beyond generic threats of data publication. Threats are becoming specific and more personalized, designed to maximize the victim’s fear and willingness to pay.

“As more companies embed AI agents in their workflows, the risk rises exponentially,” he continued. “AI agents should be treated as untrusted identities, with least-privilege access to systems, continuous monitoring and explicit segmentation from sensitive systems or AI adoption risks creating privileged, opaque intermediaries that threat actors can manipulate for maximum harm.”

“Ransomware incidents are highly feared by Boards and leadership teams, and for good reason,” said Jenny Davey, global co-head of the crisis & issues management practice at FGS Global. “As recent high-profile attacks have shown, they can have crippling consequences on a business’s operations, financial situation and reputation – and the knock-on effects can be significant and far-reaching.

“As Boards consider the implementation of AI agents and automated workflows across their business, they must be mindful that it can be a double-edged sword: while AI can drive efficiency and performance across the business, it can also open up new attack vectors for cybercriminals to exploit and therefore present new reputational risks.

“Boards must also remain mindful of how AI is enabling cybercriminals to be more sophisticated in communications and engagement with victim organizations, and how it is driving and sharpening threats that are cyber-adjacent, such as deepfakes, synthetic media and misinformation campaigns. These can be particularly reputationally damaging if not handled swiftly and with care,” she added.

Report: Cyber Incident Insights Report 2026

UK defence sector funding hits “all-time high”, reveals new report

BY Fraser Tennant

Investments in the UK defence and national security sectors surged in 2024, with both government funding and private capital investments increasing, according to a new report by Heligan Group

In its ‘Investing in Defence 2025’ report, Heligan Group reveals that investment funding – primarily driven by venture capital for European defence, security and resilience start-ups – reached an all-time high of $5.2bn last year, nearly a fivefold increase over six years.

This boom, states the report, has been driven by geopolitical tensions and conflict, primarily the Russian war against Ukraine, which has driven greater demand for defence technology – increasing by 64 percent between 2014 and 2024.

The UK is also pursuing innovation programmes via the National Security Strategic Investment Fund and accelerators such as the Defence and Security Accelerator, with innovation centrally coordinated by the newly established UK Defence Innovation organisation.

“Public-private partnerships fundamentally reduce investment risk for private investors and provide long-term growth prospects,” said Matt Croker, a partner at Heligan Group. “PPPs also foster innovation and build the critical links and understanding between those with the need and those with the solutions.

“A new UK-European Union (EU) post-Brexit agreement also paves the way for UK-based firms’ access to the EU’s new Security Action for Europe – a €150b fund providing loans for defence projects,” he continued. “Subsequently, I believe that the long-term stability and resilience of investments in defence are improved due to a sector strongly influenced by geopolitical necessity and one that is financially backed with governmental support.”

The report also notes that alongside private equity and corporate investors. mainstream investors are playing a significant role, with a greater focus on dual-use technologies such as artificial intelligence, cyber security, autonomous systems and quantum, despite historically having shied away from such investments.

Heligan Group also recognises a tangible realignment of ethical and environmental, social and governance lines, with many seeing a momentum shift, with attitudes to defence and security investing now framed as essential for societal security and stability in the context of war in Eastern Europe.

Mr Crocker concluded: “With heightened threat levels, investors would appear to be loosening restrictions and recognising defence as a critical and necessary aspect of the overall investment landscape, as well as a potentially untapped and lucrative addition to their investment portfolios.”

Report: Investing in Defence 2025

Cyber crime costs increase – report

BY Richard Summerfield

An increasing number of attacks on critical infrastructure, a surge in phishing and record-breaking vulnerability disclosures are among the challenges facing companies operating today, according to a new report from critical infrastructure cyber security firm OPSWAT.

The report, OPSWAT’s inaugural Threat Landscape Report, reveals key findings from over 890,000 sandbox scans conducted over the past 12 months.

Among the key highlights within the report is the global cost of cyber crime, which is projected to reach $1.2 trillion in 2025, with downtime and lost productivity representing up to $1 trillion of that total. The report also highlighted a 127 percent rise in malware complexity and warns that traditional detection methods are falling behind, with one in 14 files initially deemed ‘safe’ by legacy systems later confirmed to be malicious. According to OPSWAT, the results underscore the need for multilayered defences and a shift away from outdated tools.

Attacks on operational technology (OT) and critical infrastructure have continued their upward trajectory in 2025. Sectors such as manufacturing, energy and utilities remain at the forefront of threat actor targeting, with financial and espionage motivations both in play. Ransomware remains one of the most prominent threats, featuring in 44 percent of all breaches across sectors and accounting for 75 percent of breaches within the system intrusion pattern. Vulnerability exploitation has also risen sharply as an initial access vector, with attackers particularly focusing on edge devices, firewalls and VPN services.

The report also made note of the surge in malware sophistication which is being driven by multi-stage execution chains and heavy obfuscation, with 7.3 percent of files missed by public OSINT feeds flagged as malicious by Filescan.io, on average 24 hours earlier. These were confirmed executions, not speculative flags, highlighting how adaptive analysis can close dangerous gaps left by static and reputation-based systems.

According to the report, malicious actors are increasingly favouring stealth over scale, concealing payloads in formats such as .NET bitmaps and steganographic images and repurposing Google services for covert command-and-control activity. Social engineering tactics are also evolving, with methods such as ‘ClickFix’ – a clipboard hijacking technique – becoming more widespread, with such attacks enjoying a bump in popularity among both criminal and nation-state actors.

Heightened regulatory scrutiny is also having an impact as it intensifies, particularly in the EU through the Network and Information Systems Security Directive 2, or NIS2, and the Cyber Resilience Act, and in North America, which is driving mandatory reporting and resilience requirements for critical infrastructure. As a result, the cyber security market itself is projected to grow at a 12.6 percent compound annual growth rate, reaching $301.9bn in 2025.

According to OPSWAT: “As critical infrastructure, government systems, and enterprise networks face growing targeting from increasingly modular and evasive malware, the findings of this report spotlight the evolving adversary playbook and the need for integrated, multilayered solutions. Cybersecurity leaders must now prioritize adaptability, shared intelligence, reassessing technology, and fast behavioral detection pipelines to protect systems from known threats, but also to keep pace with a rapidly evolving threat landscape and whatever is on the horizon.”

Report: 2025 OPSWAT Threat Landscape Report

UK healthcare M&A robust in Q1 2025, reveals new report

BY Fraser Tennant

Despite global economic uncertainty, M&A activity in the UK healthcare sector remained robust throughout Q1 2025 with deals continuing to flow, according to a new report by Heligan Group.

In its ‘UK Healthcare M&A Update: A Look Back at March 2025’, Heligan reveals that transaction activity across the sector remained on par with 2024 deal levels, with 59 deals completed in Q1 of 2025 – 17 in January, 17 in February and 25 in March.

Drilling down, health and social care remained the most active sector in Q1, accounting for 48 percent of total deal volume in March, driven by several lower-value transactions in the care home space.

Activity in pharma and life sciences also increased in March, representing 28 percent of deal volume, from two deals in February to seven, with oncology deals being a significant proportion of this subsector.

“Healthcare providers are increasingly adopting technologies such as remote monitoring, virtual consultations and artificial intelligence (AI)-driven triage systems to address growing patient demand and workforce challenges,” said Ramesh Jassal, a partner at Heligan Group. “These innovations are particularly focused on mental health, chronic condition management, and resource-efficient staffing, reflecting the evolving needs of modern healthcare systems.”

Key health and social care deals highlighted in the report include Eden Futures’ acquisition of Care Wish, BGF’s investment in OCL Vision, M&D Green Pharmacy Group’s acquisition of Nine Gordons Chemists stores and UK-based Pebbles Care acquiring Nurture Childcare Services.

In terms of pharmaceutical and life science deals, the majority of these were strategic acquisitions, including Swedencare’s acquisition of Summit Veterinary Pharmaceuticals and Surface Technologies’ acquisition of Accentus Medical.

However, a potential obstacle to a sustained international interest in UK healthcare assets are recent US tariffs, which are likely to introduce uncertainties that could influence future M&A activity, warranting close observation in the coming months.

“As we navigate 2025, weaker UK currency and recent US tariffs may enhance the appeal of UK healthcare assets to foreign buyers, potentially positioning the UK as a strategic gateway to the US market,” noted Mr Jassal. “However, the effectiveness of this opportunity depends on the evolving nature of US trade policies and their impact on global supply chains.”

 Report: UK Healthcare M&A Update: A Look Back at March 2025

©2001-2026 Financier Worldwide Ltd. All rights reserved. Any statements expressed on this website are understood to be general opinions and should not be relied upon as legal, financial or any other form of professional advice. Opinions expressed do not necessarily represent the views of the authors’ current or previous employers, or clients. The publisher, authors and authors' firms are not responsible for any loss third parties may suffer in connection with information or materials presented on this website, or use of any such information or materials by any third parties.