The real world has its advantages. For one thing, you can see what you are buying when shopping, and for another, your family cannot be conned into accepting an impostor to Christmas dinner.

But online we are personified as voltages in metal cable, manipulated, routed, and transformed until only faith maintains that we are who we say we are or that the goods we purchased will actually arrive.

It's easy to underestimate the complexity of human interactions and behaviours.

As we go about our real-world lives, drive to the supermarket, park the car, walk the aisles searching for custard, our physical presence is a counter-fraud technology.

Unknowingly, we pass countless subtle checks that could fire a suspicious conduct alert.

The traditional nosy-neighbour behind lace curtains may report an overdue tax disc, you may fall foul of traffic laws, at the checkout your demeanour is inspected and your currency scrutinised, its texture verified unconsciously.

Technology finds it difficult to compete with even the security provided by the humble curtain twitcher.

Human beings evolved to sniff out suspicious activities and be ever watchful for threats, at the shopping mall or on the vast savannah of pre-history; we are very good at it.

So it is with utmost caution we should dismiss our intuition for security. And yet, that is what online trading has done.

In a geological nanosecond, we have thrown away a million years of evolution and replaced it with a password and a question about your mother's maiden name.

It is no surprise therefore, that online fraud has exploded. According to the Anti-Phishing Working Group (APWG), Phishing - the tricking of people into giving out their account logon details through directing them to a false website - has increased 600 per cent since January 2004.

Some estimates put the banking industries losses at tens of millions of pounds, and yet the National Hi-Tech Crime Unit, NHTCU, has made just 13 arrests for Phishing related crime since its inception in 2001.

Dave Brunswick, Tumbleweed Director of Technology and APWG spokesperson, believes Phishing must be combated on a broad front.

How we attack Phishing without destroying the user experience is through,

'Education, using the latest available software; browsers and virus software and email firewalls, together with better identification and authentication methods, and international law enforcement cooperation.'

But expecting non-technical users to configure firewalls and keep virus checkers updated while working with the latest authentication software is asking a lot.

Dr Jakob Nielsen, useability expert from the Nielsen Norman group, says that computer technology was not invented to fight crime and that anti-fraud architecture has to be simple, 'Computer security is too complicated and the bad guys are too devious and inventive, so it is simply not realistic to assume that average people can keep up with them.'

But while computers are complicated for the novice, Richard Starnes, Director of Incident Response for Cable and Wireless believes that for those with a technical persuasion participating in fraud is easy, 'The process is actually quite simple and does not require a great deal of talent. Phishing is not a technically sophisticated crime.'

As with so many software systems, online security would be perfect if it wasn't for the user. Solutions concentrate on education and drowning them with anti-fraud strategies until they are scared to log on.

'As long as we keep placing the burden on the users instead of fixing the technology, we will never realize the full benefits of the Internet,' says Nielsen, 'Instead, we will scare people and make them ever more reluctant to use the technology to its full potential.'

But until software is capable of emulating the village nosy-parker, and is as effortless as feeling the texture of a five-pound note, it seems our online world must be protected by abstract and onerous security arrangements that most of us will never understand.

Either that, or enterprises must continue to bear the burden of fraud so that customers keep using their websites.