BUSINESSES are being warned about ransomware attacks, as new figures reveal over 300 companies were targeted last year.

Data from Report Fraud said that 323 organisations reported a ransomware attack between April 2025 and March 2026. More than 50 per cent were from Small Medium Enterprises (SMEs).

As part of a campaign which launched on Monday, June 29, Report Fraud has urged everyone to protect themselves and their businesses from the active threat of ransomware attacks.

A Report Fraud spokesperson said: “If you are a small or medium sized enterprise currently experiencing a ransomware attack, you should report it immediately by calling Report Fraud on 0300 123 2040. Report Fraud has a 24/7 phone line dedicated for businesses, charities or organisations who are under a cyber attack.

“Do not pay the ransom. The National Cyber Security Centre and UK law enforcement do not encourage, endorse or condone the payment of ransom demands. There is no guarantee that access can be regained to data held and devices could still be infected.

“Take the right steps to ensure your organisation is protected against ransomware by looking at the advice and guidance from the National Cyber Security Centre.”

A ransomware attack happens when cyber criminals, who are part of an organised crime group, find a vulnerability in a company’s network to gain access, then establish control and plant malware into the company’s encryption software.

Once malware is planted and activated, it locks devices and access to data across the company’s network and the cyber criminals behind the attack will then demand a ransom via an onscreen notification in exchange to decrypt the files or data held. The cyber criminals will often use an untraceable payment method, likely using a cryptocurrency.

You can find more advice online via the National Cyber Security Centre website.