Phishing attacks and online banking fraud losses soar in the UK

Out-Law News | 08 Oct 2009 | 11:09 am | 2 min. read

The number of phishing attacks on online banking systems has risen by 26% in the first half of this year. Phishing is the technique that was used to uncover the tens of thousands of Hotmail, Google Mail and Yahoo! Mail passwords revealed this week.

Phishing is the practice of creating fake versions of websites and asking users to enter their login details. Those details are then stored so that they can be used on the real sites.

It was revealed last week that more than 10,000 users of Microsoft's Hotmail service had had their details harvested by phishing attacks. They were then published online. It emerged this week that a similar problem had emerged in relation to the details of users of other web mail services such as Google Mail and Yahoo! Mail.

Banking trade body the UK Payments Administration has now said that UK users' bank accounts are facing a steep rise in phishing attacks. In figures just published for the first six months of this year it said that phishing attacks had risen by 26%.

The UK Payments Administration's anti-fraud group Financial Fraud Action (FFA) has published details of fraud in UK banking this year. It found that most kinds of fraud, such as that involving payments cards, fell but that the value of internet banking fraud grew.

"Online banking fraud losses totalled £39 million during the six months to June 2009 – a 55% rise on the 2008 figure," it said in a statement. "The increase is largely due to criminals employing more sophisticated methods to target online banking customers through malware scams – which target vulnerabilities in customers’ PCs – rather than the banks’ own systems which have proved more difficult for the fraudsters to attack."

"There were also more than 26,000 phishing incidents during January to June 2009 – a 26 per cent increase on the amount seen in the same period last year," it said.

The figures revealed, though, that the amount lost by consumers through distance shopping fraud fell for the first time.

"Losses from phone, internet and mail order shopping fraud have fallen for the first time ever and now stand at £134m," said the FFA. "Reasons behind this decrease include the increasing use of sophisticated fraud screening detection tools by retailers and banks, as well as the continuing growth in the use of MasterCard SecureCode and Verified by Visa (online payment systems that make cards more secure when shopping on the internet), by both online retailers and cardholders."

William Beer of PricewaterhouseCoopers said that it believed that fraud in online banking is likely to continue to grow.

"Unfortunately it is a trend that we believe will continue," he said. "Criminals are now very specialised in identifying and exploiting vulnerabilities, unprotected personal PCs and the public's lack of awareness make them much easier to attack than banks' networks."

The FFA said that all users of online banking systems should ensure that they have up to date anti-virus and spyware software on their machines.