A sudden switch to working from home allowed cybercriminals to steal billions from UK businesses during the pandemic.

Criminals struck hard and fast, exploiting weaknesses revealed when remote working systems were deployed, according to a report by Gloucester-based web experts Fasthosts. They used time-tested tactics to steal user data, disrupt website functionality.

And just as businesses begin to recover there are mounting concerns Russia's invasion of Ukraine will unleash a fresh wave of cyber-attacks throughout the world. Professor Kamal Bechkoum, Head of the School of Computing and Engineering at University of Gloucestershire said employers should take urgent action to avoid falling victim to phishing scams.

Cybercrime soared in the 13 months from January 2021, said a report by web hosting company Fasthosts, based in Southgate Street. It compiled data from the National Fraud Intelligence Bureau (NFIB) which showed 445,357 cases were reported, a rise of 98 per cent in 13 months. In total, this is thought to have resulted in reported losses of over £2.4 billion. But as not every case is reported, the figure could be even higher.

The massive increase means that since January 2021 at least 63% of all reported crimes have been cyber-related.

According to the data, the overwhelming majority of those affected by cybercrime in the last 13 months were everyday people. The NFIB statistics show 87% of reports came from individuals.

At least 21,200 reports of cybercrime were from private limited companies, 4,800 were by public limited companies, more than 1,400 were by sole traders and charities reported more than 1,100 cyber attacks.

The most common type of cybercrime in the UK was through online shopping and auctions with around 88,700 cases of fraud over the last 13 months. This was mostly in the form of scammers posing as legitimate sellers of popular products to steal financial information. Lockdowns caused online purchases to soar, meaning more opportunities for scammers.

Advanced fee fraud is the second most common type of crime and one of the oldest tricks in the book. This is where scammers contact a victim, usually online, asking for an up-front or advance payment in return for goods or services that don't exist. There were more than 31,000 cases reported during the pandemic.

Finally, the third most common type of cybercrime was banking fraud such as cheque, card, and online bank account scams. There were around 26,400 cases reported.

Michelle Stark, sales and marketing director at Fasthosts told Tech Digest: ''The pandemic significantly affected both businesses and individuals. It led to a dramatic shift in consumer behaviour, as many purchases that were normally made in-person were forced online. As a consequence of this rapid digitisation, there was an immediate greater need for online security measures and vigilant risk management from businesses.

"Whilst behaviours and attitudes are shifting back to the way they were pre-pandemic, we're unlikely to see a full return to the world pre-COVID. Despite the immense disruption it brought, the pandemic gave a newfound opportunity for strategic investment, particularly into digital channels. Many businesses have now already pivoted to meet this new consumer demand, but it will require extra care from both businesses and consumers to minimise the risk of becoming victims of cybercrime."

Professor Kamal Bechkoum, head of the School of Computing and Engineering at University of Gloucestershire, said UK businesses also need to take urgent action against the cyber threat created by the conflict in Ukraine.

The recent discovery in Ukraine of 'wiper' malware, a denial-of-service assault which paralyses websites by bombarding them with information requests, has accelerated a rush by businesses to bolster their defences should it spread.

Microsoft has also detected a new malware named 'FoxBlade' which has focused on stealing health, insurance and transportation data from Ukrainian essential services.

Professor Bechkoum said: "In this era of global threats, we can all be victims. Too many businesses and people are caught out thinking 'it's not going to be us, we're not that important.' This is precisely when you can become most exposed.

"Cyber threats should be treated as a company-wide responsibility that is part of organisational culture and fully embedded in disaster recovery plans.

"Around 95% of internal breaches are caused by human error. Training and education have to be continuous as digital resilience is a process, not an event, and as such requires continuous vigilance and ongoing risk assessment."