Summary: | The FDIC has issued a study on "account-hijacking" identity theft, which outlines the problem and suggests steps to reduce online fraud for both bank and regulatory agency consideration. The FDIC hopes to use the study to formulate guidance to bankers next year. Comments on the study are due on February 11, 2005. |
Highlights:
Distribution:
Suggested Routing:
Note:
|
||
Financial Institution Letter
FIL-132-2004 December 14, 2004 |
||
Identity
Theft
The Federal Deposit Insurance Corporation (FDIC) has produced the study Putting an End to Account-Hijacking Identity Theft , which outlines this form of identity theft and offers steps to reduce online fraud for both bank and regulatory agency consideration. The FDIC hopes to use the study to formulate guidance to bankers next year. The FDIC is seeking comments on the study by February 11, 2005. Background and Focus of StudyIdentity theft is one of the fastest growing types of consumer fraud. The Federal Trade Commission (FTC) has estimated that, during 2003, almost ten million Americans discovered that they were the victims of identity theft, with a total cost to businesses and consumers of over $50 billion. This study focuses on a subset of identity theft that is of particular concern to FDIC-insured financial institutions and to their customers: the unauthorized access to and misuse of existing asset accounts primarily through phishing (which is the use of fraudulent e-mails to trick consumers into divulging confidential information) and hacking (which is the unauthorized remote access to a computer), hereinafter referred to as "account hijacking." Prevalence and Impact of Account Hijacking While precise statistics on the prevalence of account hijacking are difficult to obtain, recent studies indicate that unauthorized access to checking accounts is the fastest growing form of identity theft. Another recent study has estimated that almost 2 million U.S. adult Internet users experienced this type of fraud during the 12 months ending in April 2004. Of those, 70 percent did their banking or paid their bills online and over half believed that they had received a phishing e-mail. Consumers are beginning to consider that their use of the Internet to conduct financial transactions may bring an increasing degree of risk, and many experts believe that electronic fraud, especially account hijacking, will slow the growth of online banking and commerce. Findings Fraudsters are taking advantage of the reliance on single-factor authentication for remote access to online banking, and the lack of e-mail and Web site authentication, to perpetrate account hijacking. Financial institutions and government agencies should consider a number of steps to reduce online fraud, including:
|
Additional Related Topics:
- FFIEC Examination Handbook, E-Banking Booklet
- FFIEC Examination Handbook, Information Security Booklet
- Internet Banking Fraud, issued in FIL-113-2004 on September 13, 2004