Phishing and the need for internet banking security

Matt Buttell

A new report conducting by the Anti-Phishing Working Group has found that criminal "phishing" attacks have risen by near 600 percent this year, sparking significant concern for the current state of internet banking security.

The Anti-Phishing Group (APWG), an association made up of financial institutions, online retailers, law enforcement officials and security and research groups, aims to combine forces in a bid to fight internet crime.

The findings of the new report come hot on the heels of announcements by the FBI, who just earlier this month confirmed it has arrested 100 members of an international criminal ring that used emails to direct internet banking customers to phony websites. Here, consumers where lured into providing account log-ins, passwords and other information that were then used by the criminals to raid accounts. 

Those caught up in the storm included thousands of customers at banks such as Wells Fargo and Bank of America.

Security

Following the bust, which media sources have since begun calling the "phish fry", FBI Director Robert Mueller went on to own up to one of the biggest email blunders of the year. According to reports, Mueller's wife has now banned him from internet banking after the agency head clicked on a phishing message and nearly surrendered his own personal information to a fake website.

The incident highlights the gross truth behind internet security banking, suggesting that even the most tech-savvy consumers are being caught out. And the reason for that is simple: cybercriminals are getting increasingly better at what they do and bank and credit card accounts are among their prime targets. As such, for consumers to presume they are safe from attacks, analysts suggest, is misguided.

However, according to the APWG report, the number of unique phishing reports submitted to the agency in the first half of 2009 saw a steady decrease during the first three months of 2009, before a sharp return to previous levels in occurred in April. May's half‐year high of 37,165, for instance, was an increase of nearly seven percent above last year's high of 34,758 in October.

 

 

Advice

To combat the phishing problem, the advice for customers is to avoid responding directly to phone calls or links in messages that purport to be from their bank and instead initiate a call to the customer service number themselves to verify that any communication previously received is legitimate. 

However, while the logic is obvious for consumers, the rise in both the number of mobile banking devices now on the market and the number of phishing attacks calls into question the responsibilities that banks have to their customers in relation to internet banking security.

In other words, as mobile banking continues to become more and more central to the way the financial services industry is managed, the need to ensure that trends in internet banking security are far outpacing the threats from cybercriminals must become paramount.