“One in every eight workers admit to selling company logins” reports Cifas

For today’s organisations, the normalisation of credential sharing significantly increases exposure to the insider threat, as well as cyber and financial crime, by providing criminals with a trusted route into internal systems.

Cifas’ Workplace Fraud Trends 2025 report shows that 13% of respondents also believe selling access to company systems is ‘justifiable’. While three-quarters (75%) said that act was completely unjustified, the level of acceptance suggests a growing complacency around internal controls and staff responsibility.

Further, the detailed research highlights that almost one-third (32%) of senior managers and one-in-three (36%) directors feel that such behaviour is justifiable. Among C‑Suite executives, this figure rises to nearly half (43%). Business owners are the outliers with four‑fifths (81%) of them stating that selling login details is justifiable.

With World Password Day 2026 taking place on 7 May, the survey results serve as a timely reminder that effective fraud prevention relies not only on secure systems, but also on strong access governance, regular staff training and a clear organisational stance when it comes to the misuse of credentials.

Opening the door

Rachael Tiffen, director of learning at Cifas, explained: “Selling login details might seem insignificant to those involved, but it can open the door to serious fraud and financial harm. These findings show how vital it is for organisations to build fraud‑aware cultures whereby employees at all levels understand their responsibilities and the consequences of their actions.”

Tiffen added: “Counter‑fraud training plays a central role in helping members of staff to recognise manipulation, appreciate the risks associated with insider activity and act with integrity when handling access to systems and data.”

Joby Carpenter, fraud and emerging threats lead at ACAMS (the anti-financial crime certification and intelligence company) observed: “These research findings point to an unsettling reality. For a meaningful minority of staff, selling company logins is no longer beyond the line and that should concern every employer. The sale of credentials affords bad actors a ready‑made route into trusted systems and can enable fraud, cyber intrusion and broader forms of illicit activity.”

Carpenter concluded: “Cifas’ survey suggests that insider risk is not only persistent, but in some settings it’s also becoming normalised. For today’s organisations, this underlines the need to treat the insider threat as a core fraud and financial crime issue to be addressed by the development of a strong culture, proportionate controls, targeted training and effective access governance.”

*Further detail is available by accessing Cifas Workplace Fraud Trends 2025 report