Feeds

Phishing scams thrive in the UK

Peers hear losses set to reach £45.7m for 2006

Remote control for virtualized desktops

UK incidents of phishing scams have grown 8,000 per cent over the last two years, according to the government's financial watchdog authority. Although losses remain modest compared to other forms of financial fraud, banking security experts speaking before the House of Lords science and technology committee are concerned about the growing prevalence of scams designed to trick consumers into handing over online banking credentials.

Rob Gruppetta, of the Financial Services Authority (FSA) financial crime team, told the parliamentary committee, "We are very concerned about the rate of increase. It has gone up by 8,000 per cent in the past two years. But in the grand scheme of total fraud it is still quite small," he added.

Between January and June 2005, 312 phishing incidents were recorded, a figure that shot up to 5,059 for the first half of 2006, according to figures from UK banking payment organisation Apacs. Improved detection rates are partly behind the increase but even so the growing sophistication of scammers is leading to heavy losses from UK banks.

Apacs security chief Philip Whitaker told peers that scammers had transformed phishing scams from a cottage industry into an industrial process.

An estimated £23.2m was stolen from UK online bank accounts using email scams in the first half of 2006, with a slight decreases in losses to £22.5m for the second half of the year, the BBC reports. In the year prior to October 2004, Apacs estimated phishing cost UK banks £4.5m, which compares to a £45.7m estimated loss for 2006. Despite growing losses, security experts testified that online banking was essentially safe.

Although conceding that was a case for banks to be more transparent about losses to fraud, Philip Robinson, the FSA's head of financial crime, rejected suggestions from peers that US-style information security breach disclosure laws would build consumer confidence. He said issuing alerts in cases where, for example, laptops containing sensitive information were stolen would only cause "undue alarm" to customers. The FSA is meeting with the Information Commissioner next week for talks on how banks might become more open about fraud while still maintaining confidence in the banking system, Robinson added. ®

Top 5 reasons to deploy VMware with Tegile

More from The Register

next story
Regin: The super-spyware the security industry has been silent about
NSA fingered as likely source of complex malware family
Why did it take antivirus giants YEARS to drill into super-scary Regin? Symantec responds...
FYI this isn't just going to target Windows, Linux and OS X fans
Privacy bods offer GOV SPY VICTIMS a FREE SPYWARE SNIFFER
Looks for gov malware that evades most antivirus
Home Office: Fancy flogging us some SECRET SPY GEAR?
If you do, tell NOBODY what it's for or how it works
HACKERS can DELETE SURVEILLANCE DVRS remotely – report
Hikvision devices wide open to hacking, claim securobods
'Regin': The 'New Stuxnet' spook-grade SOFTWARE WEAPON described
'A degree of technical competence rarely seen'
Syrian Electronic Army in news site 'hack' POP-UP MAYHEM
Gigya redirect exploit blamed for pop-rageous ploy
Astro-boffins start opening universe simulation data
Got a supercomputer? Want to simulate a universe? Here you go
prev story

Whitepapers

10 ways wire data helps conquer IT complexity
IT teams can automatically detect problems across the IT environment, spot data theft, select unique pieces of transaction payloads to send to a data source, and more.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
How to determine if cloud backup is right for your servers
Two key factors, technical feasibility and TCO economics, that backup and IT operations managers should consider when assessing cloud backup.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Mitigating web security risk with SSL certificates
Web-based systems are essential tools for running business processes and delivering services to customers.