The rapidly growing danger of the 'insider threat'

New findings point to the insider threat of rogue employees being a far greater threat than has hitherto been realized. According to the latest report from non-profit organization, UK-based Cifas, Workplace Fraud Trends 2025, one in eight employees (13 per cent) said that they had sold company log-in details or knew someone who had, "often under the belief it's harmless".

The same proportion of those surveyed said that they found selling access to their company's systems "justifiable". Almost a quarter (24 per cent) said they also believe it is acceptable to work for a competitor, a process known as "polygamous working". Cifas believes that these findings indicate a cultural shift where staff increasingly see nothing immoral in selling out the companies they work for in the interests of personal gain.

A cultural shift

"These findings aren't isolated incidents – they reflect a broader shift in workplace behaviours when faced with the opportunity to commit fraud. These insights suggest a shift in workplace norms and raise urgent questions about organisational culture, risk management, and accountability. Organisations must take steps urgently to build effective counter-fraud cultures in the work place, strengthening prevention, and empowering employees to do the right thing," says Cifas CEO, Mike Haley.

The reasons behind this cultural shift could include the current UK housing shortage and the rapidly rising cost of living, resulting in a growing proportion of employees feeling exploited and justified in taking an 'every man and woman for themselves' approach. There is also, of course, the danger of basically dishonest staff members seeing an opportunity for swift financial gain.

But the danger of the growing insider threat should not be underestimated. There were numerous examples of this leading to major cyber breaches in 2025. These included the Coinbase cyber-attack, where rogue support agents were bribed to exfiltrate customer data, leading to a $20 million bounty to mitigate the attack and a major breach at sportswear giant Adidas, which occurred when a third-party service provider exposed customer contact details.

Companies tend to shy away from tackling the problem, as they do not wish to accuse their staff of dishonesty in the absence of any hard evidence. But, in addition to using Zero Trust protocols and establishing other safeguards, companies should also educate their staff to teach them about the responsibility they carry and how seemingly minor security leaks can provide entry points for organized criminal gangs with potentially devastating consequences for the entire organization. Cifas has issued guidelines detailing how organizations can best protect themselves.