Americans lost $2.4bn to net fraudsters in 2003

US consumers lost $2.4bn last year to online scammers and phishing attacks.

Most fraud was carried out by people gaining access to account numbers and passwords. The average loss for the victims was $1,200. Gartner surveyed 5,000 US Internet users which led to the estimate that just under 2m US citizens were hit by some form of online fraud last year.

Avivah Litan, research director at Gartner, said: "In most cases that are not inside jobs, thieves likely stole account numbers and passwords to get into accounts online or through telephone banking services,"

Phishing and key logging are the most popular methods to obtain information. Phishing attacks send consumers emails which look like they come from trusted financial institutions. They are directed to a website, apparently part of the bank or auction site, and trick people into entering passwords and user names. The identities collected are then defrauded. Fraudsters also use key-logging software to capture passwords entered on a computer.

According to Gartner, banks must strengthen security on their websites and phone banking systems. "Shared secrets" are the best way to solve this problem until proper systems are in place, it says. Shared secrets are responses to questions like "Name of your favourite pet".

Gartner looked at five types of fraud: new account fraud, cheque forgery, unauthorised access to checking accounts, illegal credit card transaction and fraudulent cash advances on credit cards. Unauthorised access to accounts grew fastest in the past year, almost half of reported incidents took place in the past year, compared with 34 per cent of illegal credit card purchases.

Checking account hijackings were second only to dodgy credit card purchases, using a stolen credit card to buy goods.

The press release is here. ®

Related stories

Lottery scams new flavour of the month
Fear of phishing hits e-commerce
Phishing scams cost UK banks £1m+