Top cybercrime resources and tools to protect your charity

Charities are increasingly being targeted by cyber criminals, looking to exploit a sector that too often can be seen as an easy target. This is particularly the case amid the Covid-19 pandemic, with a growth in remote working leaving staff at potentially greater risk of attack.

According to a survey by Specorps Software this year, around two thirds (62%) of charities have seen an increase in cybercrime during lockdown as they pivot their operations online.

Among the most high profile cybercrime incidents to impact the charity sector in 2020 was the ransomware attack on cloud computing provider Blackbaud. Hackers stole data in return for a ransom, which the US-based provider paid. The National Trust and Crisis were among charities affected.

As well as ransomware, there is a number of increasingly sophisticated techniques criminals are using. This includes cryptojacking, where criminals gain unauthorised use of devices to mine for crypto-currency. Another is phishing, where criminals send false emails to gain information, passwords and access to bank accounts.

Here we look at some of the key organisations, resources and products available to help charities protect themselves online.


Skurio’s digital risk protection platform aims to protect charities from data breaches. This includes its Breach Alert feature, which monitors data and information and provides instant alerts.

Offers and discounts are available for charities.

Among those supported by Skurio is Breast Cancer Now, which went live with the BreachAlert in May 2018. This involved integrating the platform into the charity’s IT and data.

Avast Business Antivirus

Avast Business Antivirus is a package of products aimed at small to medium sized organisations to protect them from cyber attacks, including ransomware incidents.

Discounts on an annual subscription for charities are available.

Features include a file shield that scans files that are opened and downloaded to make sure it is free of any malware.

Another is a Wi-Fi inspector feature, which scans networks for threats. It also includes am Anti-spam feature to keep out phishing emails as well as annoying emails


Bitdefender offers a range of products to protect charities from cyber threats, including its GravityZone Buiness Security software. This protects devices and servers from threats including viruses, spyware and Trojan horses, which are malicious codes or software that look to take control of a device. This is another cyber threat prevention product where it is worth asking for a charity discount.

According to Bitdefender, more than 12 million new and variant strains of malware emerge each month.

It adds: “Social networking websites such as Facebook and Twitter provide cybercriminals with personal data for exploitation through social engineering and can enable malware to spread faster than ever. If a malware may once have taken days or even weeks to propagate, it can now reach millions of computers in hours.”


Cloud based cyber protection firm F-Secure looks to protect organisations from threats including data breaches and ransomware attacks. It also offers an integrated patch management feature, which is a process whereby systems and software are updated with new pieces of code to fix vulnerabilities that may leave a system open to threats.

Products include F-Secure Protection Service for Business, which looks to render previously unknown attacks harmless as well as prevent ransomware threats.


This cyber protection product is designed with small organisations in mind and offers features such as anit-spam, ransomware protection and file encryption.

Kaspersky offers specific advice around protecting from Covid-19 charity cybercrime scams. This includes finding out how criminals can set up fake charities or impersonate existing voluntary sector organisations. Advice on tackling phishing is also available as well as staying safe on social media.

National Cyber Security Centre

The government’s National Cyber Security Centre (NCSC) was launched in 2016 as a single point of contact for organisations, charities and government departments to tackle and prevent cybercrime.

Among resources and support it offers is a small charity guide.

This has been produced to help charities to protect themselves form the most common cyber attacks. This includes backing up data, keeping devices safe and preventing malware (malicious software) attacks. Advice on using passwords to protect data, as well as avoiding phishing attacks are also in this guide.

The NCSC also runs Cyber Essentials, a government backed scheme to help organisations protect themselves from cyber attacks.

In addition, the NCSC produces a cyber security toolkit for boards and advice on how to report fraud.

The Charity Commission

The regulator for charities in England and Wales offers a raft of resources and advice to help the voluntary sector protect itself from cyber threats.

Resources include the Charity Fraud Awareness Hub, which is run by the regulator alongside the Fraud Advisory Panel and UK Finance. It has helpsheets, case studies and runs webinars. A recent webinar promoted through the hub took place in May and offered charities advice on preventing fraud amid the Covid-19 pandemic.

The case studies available through the hub are particularly interesting for charities to ensure they can protect themselves from cyber criminals.

Other resources include advice on how to report fraud.

The Charities Security Forum

Formed in 2007, the Charities Security Forum group represents information security experts working for charities and looks to address security issues affecting the sector.

It offers a raft of resources and support to the sector and basic membership is free, with no joining fees or membership dues.

Members are encouraged to discuss and share their expertise on cyber security issues. This includes a discussion group on LinkedIn. It also publishes sector specific whitepapers and organises social events.

Action Fraud

The UK’s national reporting centre for fraud and cybercrime offers access to a number of resources to help protect charities from cyber threats. The organisation is run by the City of London Police, working with the National Fraud Intelligence Bureau.

It also offers an online reporting service when an incident occurs.

Fraud Advisory Panel

Charity the Fraud Advisory Panel looks to champion good practice on fraud prevention, detection, investigation and prosecution to ensure people and organisations are protected.

It is one of a number of charity stakeholders globally involved in staging the annual Charity Fraud Awareness Week, which takes place on 19-23 October in 2020. This aims to raise awareness among charities and the public of the threats they face from criminals online. More information can be found on social media using #CharityFraudOut.

As well as being a partner in running the Charity Fraud Awareness Hub, the Fraud Advisory Panel also has a raft of e-learning resources available to help charities protect themselves.

    Share Story:

Recent Stories

How Age UK navigated a remote call centre in a crisis
In the first of a series of three digital leadership podcasts, Lauren Weymouth chats to Age UK’s Alasdair Stewart about how the charity set up, navigated and successfully delivered The Silver Line phone service remotely during the peak of the Covid-19 pandemic.

Sponsored by Amazon Web Services

To find out more about cloud computing for charities visit the Amazon Web Services nonprofits page.