By Gemma Simpson, 7 November 2006 10:20
NEWS
The number of phishing scams in the UK has escalated by 1,471 per cent in the last 12 months, the latest fraud figures from the UK payments association APACS revealed.
The huge hike in phishing equates to 5,059 scams reported in the first six months of 2006, compared with only 312 incidents over the same time period in 2005. And this had contributed to an overall hike of 55 per cent in all incidences of bank fraud.
Typical phishing scams rely on a spoofed website, made to look like the site of a bank or popular e-tailer's site, such as Amazon or eBay, where the unsuspecting user submits personal information such as bank or credit card details to the website.
Want to know more about online scamming and how to protect yourself?
Try silicon.com's cheat sheets on:
♦ Phishing
♦ Chip and PIN
♦ Two-factor authentication
There is also a 55 per cent rise in losses from online banking fraud, equating to £23m in the first half of 2006.
Sandra Quinn, director of communications at APACS, told silicon.com: "It was inevitable that [online banking fraud] would go up."
Quinn said most of the 55 per cent increase in online banking fraud is due to the huge hike in the number of phishing scams being launched but in real terms the number of people falling for phishing scams has actually increased less than last year's figures.
Quinn said it appears people are getting wise to phishing scams at last. "I would worry if online banking had gone up the same amount as phishing [as this would indicate every phishing incident had caused an incident of fraud," she said.
Phishing can cost a company big bucks, with the Bank of Ireland coughing up €160,000 for phishing victims of late.
Cash machine fraud was also up 37 per cent for the first six months in 2006, compared with the same period in 2005.
Quinn said fraudsters are now moving from the retailers to cash machines as chip and PIN stopped fake cards being used in shops.
Quinn added that when the research was done not all cash machines were using the chip and PIN technology, so this figure is expected to decrease in the second half of 2006, and the next step in beating the fraudsters is installing anti-skimming technology onto cash points.
A typical skimming scam, involves fraudsters attaching a device to the entry slot of the cash machine to record the details of the card's magnetic strips as they are inserted into the machine. In advanced stings a miniature camera is hidden overlooking the PIN pad which allows the criminals to capture the PIN number as well. Alternatively the scammer can 'shoulder surf' - read over the victims shoulder as they enter their PIN.
Quinn said: "None of the anti-skimming technology is foolproof. Banks will wait to see what works [before investing in the technology]." Lloyds TSB began installing anti-skimming devices in all its UK ATMs earlier this year.
Comments
There are 5 comments. Join the discussion
1. ian paterson
We seem to be under attack from all sides. Identify thieves going through your bins, phishing in your inbox, cash machines with hidden cameras and card readers, 'shoulder surfers' in shops and bars, number plate cloning to avoid congestion charge and terrorists around every corner. No wonder Prozac are doing so well.
Nest thing you know your iPod will be obsolete!
Whatever next!
2. Richard
ID cards won't help!
This shows what's wrong with the current ID project:
To make e-commerce safer and hence more popular, ordinary people need better ways of verifying that web-sites, emails, phone callers and officials are genuine.
Unfortunately the government's current ID project works the wrong way round and so won't help this. It has also distorted the ID debate & the research.
Ordinary people already have ways of proving their identity: Why must we pay for another hugely expensive, dangerous project which (even if it works) will only deliver something we already have?
3. anonymous
Banks aid phishing by not having consistent addresses. Start to log in and the address can change. I checked some of the addresses within one bank site and had a link to an insecure totally different address of a unknown 3rd party security firm, have had security signatures not up to date. Some don't have a way to identify back that they are truly the site you think you are on.
4. Andrew Bud
The fact that online bank fraud is up 55% (as reported by Rupert Jones on 7th November) suggests that consumers must become more expert at information security to avoid suffering banking fraud via new technology. The banks do their best to warn and alert us of the risks, but the criminals are evidently moving faster.
The introduction of chip and pin on credit and debit cards has reduced point-of-sale fraud, but online banking is clearly still vulnerable. Banks must therefore look harder at new, more personal ways to warn customers
Mobile banking is now growing in popularity and consumers are becoming increasingly familiar with making payments and transferring money via SMS. Yet so much more could be done to protect consumers from banking fraud using SMS.
SMS makes it possible to contact customers within seconds of a suspicious transaction hitting an account. The notification is unobtrusive yet compelling – far less disturbing than a phone call. The cost to the bank is so low that it is unnecessary to pass the charges on to the customer.
Yet horror stories still abound of people who have had their accounts emptied over a number of days by a company they’ve never heard of on the opposite side of the world. With most banks still reliant on manual processes to verify high risk transactions, customers can wait for days before being given the opportunity to verify that they actually weren’t holidaying in Thailand. This delay increases the risk and cost of multiple frauds on an account. For such a time sensitive problem, mobile services provide the perfect solution, ensuring that fraud alerts can be received anytime, anywhere and actioned immediately by recipients.
5. peter harrap
In-store CCTVs are consistently placed in Cardiff to be able to read your pin. One Post Office has its CCTV cameras pointing straight down the line of ship and pin machines all of the time. This occurs in banks, airports, railway stations and department stores etc; who here now pride themselves on the latest buzzword "personal space surveillance". Darn right!!