https://www.cifas.org.uk/workplace-fraud-trends-2025
A alarming report from UK fraud prevention organisation Cifas has revealed that 13 percent of employees either have sold company login credentials in the past year or know someone who has, and an equally troubling 13 percent believe doing so is entirely justifiable. The findings, published in Cifas’s inaugural Workplace Fraud Trends report, point to what the organization describes as a worrying shift in attitudes toward insider-enabled fraud. Motivations cited by Cifas include financial hardship, the belief that it would be a harmless one-time act, confidence in not getting caught, and workplace disgruntlement, painting a picture of an insider threat landscape that is as much a cultural problem as it is a technical one.
Perhaps the most startling element of the report is how tolerance for credential selling increases dramatically with seniority. While the exact percentage of rank-and-file employees who find the practice justifiable was not specified, the numbers climb sharply up the corporate ladder, 32 percent of managers, 36 percent of directors, and 43 percent of C-suite executives said selling login details was justifiable, with a staggering 81 percent of business owners expressing the same view. IT and telecoms professionals were also flagged as a particularly high-risk group, displaying the greatest tolerance for fraud-related behaviours across multiple scenarios examined in the study, including moonlighting for competitors, expense fraud, and the use of fraudulent job references.
The findings carry significant implications for organisations worldwide, despite the data being UK-specific. In a company of 1,000 employees, roughly 130 individuals may have direct or indirect exposure to credential-selling activity, a sobering statistic given that stolen login details are among the most sought-after commodities on dark web marketplaces and a primary enabler of corporate data breaches. Cifas urged organisations to foster fraud-aware cultures where employees at all levels understand their responsibilities and the consequences of their actions, emphasising that robust insider threat programs and security awareness initiatives are now more critical than ever.