Fraudsters stole £52.2m from UK online bank users in 2008, which was £29.9m more than 2007 according to the latest figures from the Association of Payment Clearing Services (Apacs).
And 20% of online bank users are still falling for phishing cons.
The rise of 132% in a year is the highest since Apacs began recording this type of fraud in 2004. Online banking fraud actually fell from £33.5m in 2006 to£22.6m in 2007.
Apacs said that most of the losses were the result of Phishing attacks. This is where a fraudster tricks a user into giving their confidential account details through an e-mailclaiming to be from their bank. This type of attack increased by 71% in 2008 compared to 2007. There were 44,000 of these attacks last year compared to 26,000 the year before.
"We did some research last year that showed that one in every five online bank users are susceptible to falling victim to phishing attacks because of a lack of understanding."
Changes to the Banking Code, which now means users should follow the banks' advice and have security software in place and not open unsolicited e-mails, have spread fears that customers will not be reimbursed for losses.
But Apacs said that victims are getting their money back. "If you are the innocent victim of fraud you stand to get your money back. This is done on a case by case basis, but banks are currently helping out those customers that have fallen victim."
Banks will introduce security when the losses reach a certain level that it becomes financially viable to invest in research and development.
Several banks have introduced two-factor authentication through card readers that generate one time passwords for online bank customers. Barclays claims that none of its customers using its device hasfallen victim to fraud. Earlier this month researchers from Cambridge University found weaknesses in the systems.