It has become increasingly difficult to prevent the bad
guys getting hold of your credit card and bank account details.Will
it ever be possible to secure them completely? Simon Moores thinks
probably not
We all know that there’s a strong possibility of
becoming a victim of conventional credit card fraud but, as a
booming internet economy with more than four million broadband
users, we are increasingly worried that Mafia gangsters will steal
our bank and credit card details from right under our
noses.
Today, I went to the cash point in my local village. The first
thing I did was look to see if it was actually working. It runs,
like many others on Windows NT and stuffed into the wall of a local
estate agent, it crashes with monotonous regularity.
My second action was to run my fingers around the edges of the
till and check the card slot. I get funny looks from the people
behind me but they are not as friendly with the police as I am and
it has become almost second nature for me to take a long hard look
at any cash point ,to make sure that it has not picked-up any
unusual or well-disguised peripherals that might surrender my card
and pin-number to a Romanian émigré in a car nearby.
A staggering one third of the population has been hit by credit
card losses at one time or another, according to APACS, a cost to
the card companies of £400m each year. There is a whole industry
devoted to finding new ways to steal the details from our little
plastic friends, with hardly a month passing without some new
scheme, invention or idea being used against a vulnerable - and
frequently naïve - general public.
When it comes to “phishing” for our more sensitive financial
details over the internet we are, it appears, rather less gullible
than our American cousins, which hardly comes as a surprise.
Where phishing cost British banks more than £4.5m over the past
twelve months a survey of more than 1,000 internet users, conducted
by the Ponemon Institute, concluded that losses in the US have
reached about $500m (£280m), with a many as 15% of those questioned
admitting that they had provided sensitive information including
credit card numbers, account information and social security
numbers to “spoofed” websites, thinking they were the real
thing.
Symantec now estimates that US banks and credit card issuers
have lost almost $1.2bn as a consequence of phishing exploits in a
single year.
So worried are the UK banks by the rising scale of online
threats and scams, that they have collectively launched a new
website,
www.banksafeonline.org.uk.
to warn the public of the risks of online fraud - a move which is
hardly likely to inspire confidence in the internet as the secure
and safe transactional medium, so imaginatively presented in the
latest television advert from BT.
How long, I wonder before the bad guys “spoof”, www
banksafeonline.org.uk with some clever e-mail-driven phishing
scheme which will invite you or I to enter credit card details or
download a piece of software to “secure” our PCs from what looks
like the authentic site but, is in, fact a server running out of a
small office in Lagos or Leningrad?
Government and the opposition are taking the threat of online
fraud more seriously than they were 12 months ago, which is
encouraging.
The big challenge, however, remains to catch the bad guys and
bring them to justice. Frequently, fraud of this kind is committed
somewhere beyond the immediate reach of the police and in places
you would be hard pressed to find in any tourist brochure.
Once the local police have arrested the suspect, a conviction
may prove to be an uphill forensic and evidential struggle,
followed by an effort to convince the local court that breaching
the Council of Europe Cyber-crime Convention is a more serious
offence than wearing a loud beard in a built-up area.
While we should give government and the finance industry credit
for every effort to reverse the tide of fraud which increasingly
floods our PCs I am left with a sense that we are all bit-part
actors in an episode of “Dad’s Army” and the only sensible comment
comes from Private Fraser. “We’re doomed Captain Mainwaring,
doomed.”
Setting the world to rights with the collected thoughts and
opinions of leading industry analyst Dr Simon Moores of
Zentelligence.
Acting globally, Zentelligence (Research) advises
governments, suppliers, business and the media on the evolution,
application and delivery of leading-edge technologies, and
specialises in the areas of e-government and information
security.
For further information on Zentelligence and its research,
presentation and analyst services, visitwww.zentelligence.com