Two in five large UK businesses have fallen victim to a "bluff" ransomware attack, according to a new survey.

"Bluff" ransomware attacks involve cybercriminals falsely claiming that malicious software has successfully infected an organisation's network before demanding an extortionate payment in return for the "encryption key" supposedly needed to access data.

Almost two-thirds (61 per cent) of targeted organisations paid out a ransom as a result. Payments for non-existent security crises were typically between £10,000 and £25,000, with an average per incident of £13,412.

More than half of the affected businesses shared that information with police forces (56.89 per cent) and cybersecurity organisations such as the National Cyber Security Centre (58.67 per cent). Cybersecurity initiatives, such as No More Ransom, were also kept in the loop, but fewer than a quarter (24 per cent) of the affected businesses shared that information with customers, partners and suppliers.

The stats come from an online survey, run by One Poll and commissioned by Citrix, of 500 IT decision-makers at companies across the UK with 250 or more employees. The poll also found that almost half (42 per cent) of large British businesses have experienced a cyber-criminal claiming to have successfully launched a ransomware attack against their company system.

The premise of the bluff ransomware ruse recalls a scam that became fashionable last year, in which "hackers" made empty DDoS threats while posing as the Armada Collective, a notorious cybercrime crew known for launching real website-flooring assaults.

Affected companies may not feel they have the luxury of hoping the attack is not real and refusing to pay the ransom. This mentality may be resulting in British businesses paying out when it is not necessary, while simultaneously supporting cybercriminal activity.

Chris Mayers, chief security architect at Citrix, said: “Cyber criminals on the lookout for easy wins and lucrative targets are taking advantage of fears around ransomware to make money from ‘bluff’ ransomware attacks. With so many UK businesses falling victim to these scams, learning to distinguish real threats from a false attack can save considerable sums.

“Organisations can pinpoint a real attack and completely eradicate it with the correct technical expertise – but this expertise is in short supply. Good cyber hygiene, on the other hand, is readily available. By committing to the most robust cybersecurity techniques, companies can lessen the chances of falling prey to a real ransomware attack or creating any vulnerabilities which could lead them to believe their system has been hacked by cyber-attackers when it has not.”