Fraudsters stole £52.2m from UK online bank users in 2008, which
was £29.9m more than 2007 according to the latest figures from the
Association of Payment Clearing Services (Apacs).
And 20% of online bank users are still falling for phishing
cons.
The rise of 132% in a year is the highest since Apacs began
recording this type of fraud in 2004. Online banking fraud
actually fell from £33.5m in 2006 to£22.6m in 2007.
Apacs said that most of the losses were the result of
Phishing attacks. This is where a fraudster tricks a user into
giving their confidential account details through an e-mailclaiming
to be from their bank. This type of attack increased by 71% in 2008
compared to 2007. There were 44,000 of these attacks last year
compared to 26,000 the year before.
"We did some research last year that showed that one in every
five online bank users are susceptible to falling victim to
phishing attacks because of a lack of understanding."
Changes to the Banking Code, which now means users should follow
the banks' advice and have security software in place and not open
unsolicited e-mails, have spread fears that customers will not be
reimbursed for losses.
But Apacs said that victims are getting their money back. "If
you are the innocent victim of fraud you stand to get your money
back. This is done on a case by case basis, but banks are currently
helping out those customers that have fallen victim."
Banks will introduce security when the losses reach a certain
level that it becomes financially viable to invest in research and
development.
Several banks have introduced two-factor authentication through
card readers that generate one time passwords for online bank
customers. Barclays claims that none of its customers using its
device hasfallen victim to fraud. Earlier this month researchers
from Cambridge University found weaknesses in the systems.