The ‘fish’ – in this case online banking customers – are still biting. Although many instances of phishing have been neutralized by the serious efforts of banks and the IT security industry to educate consumers, this widely known and used scam remains to be a perennial threat for online banking customers.
Phishing is the name given to the fraudulent process that criminals use to acquire sensitive data including personal information, login credentials, credit card data, and bank account details, by way of using elaborate email hoaxes with links that lead to phony websites masquerading as legitimate institutions.
Only 0.5% Actually Become Victims
A report released early this month by Trusteer, a Tel Aviv-based browser security company, shows that every year, about 10,400 in a million customers (1.04 percent) get lured into a phishing trap and click on malicious links designed to bring them to fraudulent websites. Of that number however, less than half, or only about 4,700, end up divulging their online banking information including login IDs and passwords.
One the reasons why online banking users are probably still drawn to visiting these phishing sites is that most of the perpetrators and cybercriminals have become very adept at designing websites that have the look and feel of the real bank sites.
Huge Losses, Despite Few Victims
While a percentage of less than 0.5 percent may not seem like a lot, the financial losses that result from this relatively small number of consumers who fall victim can be incredibly huge.
According to Trusteer CTO Amit Klein, “While the fact that nearly half of the victims were tricked into giving up their online banking credentials was surprising, the aggregate value of the financial losses created by only half of one percent of a bank’s customers is staggering.”
On an annual basis, the losses can add up to as much as $2.4 million to $9.4 million for every 1 million online banking users.
About the Trusteer Report
The data presented by Trusteer was collected over a three-month period using its Rapport plug-in, which the company claims is installed in about 3 million computers in North America and Europe. Part of Rapport plug-in’s function in providing computer security is to monitor phishing attacks made against the specific PC, and preventing users from entering their login info on questionable websites.
The Trusteer report is certainly interesting to note because it is one of the few, perhaps even the first, that gives realistic figures of how online banking consumers actually respond to phishing emails.