Feeds

Americans lost $2.4bn to net fraudsters in 2003

Phishing fastest growing online crime

  • alert
  • submit to reddit

High performance access to file storage

US consumers lost $2.4bn last year to online scammers and phishing attacks.

Most fraud was carried out by people gaining access to account numbers and passwords. The average loss for the victims was $1,200. Gartner surveyed 5,000 US Internet users which led to the estimate that just under 2m US citizens were hit by some form of online fraud last year.

Avivah Litan, research director at Gartner, said: "In most cases that are not inside jobs, thieves likely stole account numbers and passwords to get into accounts online or through telephone banking services,"

Phishing and key logging are the most popular methods to obtain information. Phishing attacks send consumers emails which look like they come from trusted financial institutions. They are directed to a website, apparently part of the bank or auction site, and trick people into entering passwords and user names. The identities collected are then defrauded. Fraudsters also use key-logging software to capture passwords entered on a computer.

According to Gartner, banks must strengthen security on their websites and phone banking systems. "Shared secrets" are the best way to solve this problem until proper systems are in place, it says. Shared secrets are responses to questions like "Name of your favourite pet".

Gartner looked at five types of fraud: new account fraud, cheque forgery, unauthorised access to checking accounts, illegal credit card transaction and fraudulent cash advances on credit cards. Unauthorised access to accounts grew fastest in the past year, almost half of reported incidents took place in the past year, compared with 34 per cent of illegal credit card purchases.

Checking account hijackings were second only to dodgy credit card purchases, using a stolen credit card to buy goods.

The press release is here. ®

Related stories

Lottery scams new flavour of the month
Fear of phishing hits e-commerce
Phishing scams cost UK banks £1m+

High performance access to file storage

More from The Register

next story
MtGox chief Karpelès refuses to come to US for g-men's grilling
Bitcoin baron says he needs another lawyer for FinCEN chat
Dropbox defends fantastically badly timed Condoleezza Rice appointment
'Nothing is going to change with Dr. Rice's appointment,' file sharer promises
Audio fans, prepare yourself for the Second Coming ... of Blu-ray
High Fidelity Pure Audio – is this what your ears have been waiting for?
Did a date calculation bug just cost hard-up Co-op Bank £110m?
And just when Brit banking org needs £400m to stay afloat
Sorry London, Europe's top tech city is Munich
New 'Atlas of ICT Activity' finds innovation isn't happening at Silicon Roundabout
Zucker punched: Google gobbles Facebook-wooed Titan Aerospace
Up, up and away in my beautiful balloon flying broadband-bot
Apple DOMINATES the Valley, rakes in more profit than Google, HP, Intel, Cisco COMBINED
Cook & Co. also pay more taxes than those four worthies PLUS eBay and Oracle
It may be ILLEGAL to run Heartbleed health checks – IT lawyer
Do the right thing, earn up to 10 years in clink
prev story

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
HP ArcSight ESM solution helps Finansbank
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.