Cybercriminals are becoming increasingly sophisticated, and impersonation attacks are among the fastest-growing threats facing UK businesses today.
According to Mimecast, 97% of organisations faced email-based phishing attacks in the past year, with impersonation tactics playing a key role. These attacks do not rely on brute force or complex malware. Instead, they exploit something far more vulnerable: human trust.
An impersonation attack occurs when a cybercriminal pretends to be someone else—usually a trusted individual or organisation—to manipulate someone into sharing sensitive information, transferring money, or clicking malicious links.
This could be a spoofed email from your CEO requesting a payment, a fake message from your IT team asking for login credentials, or even a text that appears to be from your bank.
The aim is simple: to trick someone into doing something they should not.
As businesses improve their technical defences, attackers are shifting focus to the human layer. The rise in hybrid working, BYOD (bring your own device) culture, and widespread reliance on email and collaboration tools makes it easier than ever to exploit gaps in user awareness and verification.
According to the UK’s National Cyber Security Centre (NCSC), social engineering attacks—including impersonation—are responsible for a large proportion of cyber incidents reported by businesses each year.
Common tactics include:
CEO fraud – emails that appear to be from senior leadership requesting urgent action
Supplier impersonation – attackers posing as a trusted vendor to change payment details
Phishing and spear phishing – fake messages crafted to appear genuine and credible
The best defence against impersonation attacks is a layered approach that includes both technology and education. Businesses should deploy advanced threat protection that scans for spoofed email addresses, suspicious links, and malicious attachments. Equally important is regular cybersecurity training for employees to help them recognise red flags and verify requests through secure channels. Building a culture of vigilance, supported by smart tools, is key to reducing the risk of a costly breach.
Falling victim to an impersonation attack can have serious consequences:
Financial loss from fraudulent payments
Data breaches that damage customer trust
Downtime and disruption to operations
Reputational harm that can take years to repair
Beyond the immediate financial and operational damage, businesses must also consider the regulatory consequences of a successful impersonation attack. Data loss resulting from phishing or fraud may breach GDPR requirements and industry-specific compliance standards. This can lead to investigations, fines, and long-term damage to your organisation’s credibility with customers, partners, and regulators.
Even with the best technical infrastructure, your people are your first—and often weakest—line of defence. That is why proactive protection is essential.
Onecom’s CyberProtect service helps identify impersonation risks before they escalate by continuously monitoring the dark web for compromised data, such as usernames and passwords. If your login details or customer records appear online, you will be alerted in real time, enabling swift action to prevent potential breaches.
With CyberProtect, you gain:
24/7 dark web monitoring to detect compromised credentials and sensitive data
Real-time alerts for immediate response to identified threats
Integration with existing security systems for streamlined protection
Threat intelligence mapping to understand emerging cyber threats and adapt security strategies accordingly
CyberProtect provides visibility beyond your firewall, helping to protect your business against impersonation, fraud, and reputational damage.
Impersonation attacks often start with compromised data. With Onecom CyberProtect, you can discover what attackers already know and take action before it is used against you.
Contact our cybersecurity team today to book a free CyberProtect assessment.