Banks are hit by huge rise in online attacks

Phishing and other fraud leads to £14.5m losses in six months

The amount of money stolen through phishing and other online attacks on bank accounts increased 263 per cent in the first six months of this year compared with 2004.

Banking industry body Apacs revealed this week that the industry lost £14.5m between January and June from these kinds of scams, compared with just £4m in the same period last year.

Apacs says criminals are moving online to exploit fraud opportunities as the UK’s chip-and-Pin rollout starts to cut back other forms of card crime.

While overall card fraud fell 13 per cent – from £252.6m in the first half of last year to £219.4m – internet-based card-not-present fraud grew five per cent to £58m, and now accounts for more than a quarter of all card losses.

‘Online fraud has risen hand in hand with the way we use the internet. It has also been helped by the tightening of face-to-face security,’ said a spokeswoman
for Apacs.

The figures highlight why the banking industry has been stepping up its efforts to crack down on online crime.

Lloyds TSB last month announced a trial of a keyring-sized security device with 30,000 of its customers to physically authenticate online transactions (Computing, 20 October).

Ken Farrow, head of group fraud and intelligence at LloydsTSB, says the industry must improve online security before trust is eroded.

‘The public is fed up and frustrated, because the internet is such a convenience and enriches their lives. We do not want that to be completely subverted by crime,’ he said.

HSBC says it will issue a similar security device to UK customers if phishing emails and key-logging software continue to grow, following pilot projects in Hong Kong and Brazil (Computing, 3 November).

And Barclaycard is conducting a pilot with 5,000 customers of a device that requires entry of a Pin code by web users to generate a unique code to secure online transactions.

The company is evaluating whether the technology is worth deploying. A spokesman confirmed that it has no fixed rollout goals as yet.

The banking industry is still awaiting the creation of a standard, being driven by Apacs and in final tests, which will allow for interoperability between cards and devices from different banks.