Victims of Bank Phishing Fewer, but Financial Losses Enormous

Trusteer, a browser security company, released a report on December 2, 2009. The report has found that every year 4,700 bank customers from a total of 1 Million become victims of phishing scams and divulge their online banking credentials.

However, in spite of apparently few successful frauds, there is substantial monetary loses in the range of $2.4 Million - $9.4 Million each year to every 1 Million Internet banking customers, reveals statistics from Tel Aviv-based Trusteer.

While merely few Internet banking clients access spoofed or phishing websites annually, approximately 50% out of those visitors give away personal credentials to people who operate these fake sites posing as the original banking site, said the company.

For its analysis, Trusteer gathered data from ten big European and US banks of 3 months and discovered that there occurred 16 bank phishing attacks on average every week, which counted to about 832/annum. In all these instances, the e-mails posed as messages from the banks and reached recipients who lacked phishing and anti-spam filters in their mailboxes.

Besides, the study examined users who were effectively drawn to an active phishing website, which escaped their browser's integral filter or anti-phishing defense, and discovered that an average of 12.5 clients from 1 Million sampled for each bank went to the fraudulent or phishing site. It has proved that 10,400 customers from 1 Million (or 1.04%) of the total customers of a particular bank get trapped in a phishing website annually.

Furthermore, Trusteer's study describes one more interesting finding. The finding relates to the successful attempts of phishing websites in evading anti-spam defenses. They are not only active, but also seemingly bypass phishing or anti-spam security, in case there is one, on the targeted computer.

Commenting on the study's observations, CTO of Trusteer, Amit Klein who is also the chief of Trusteer's research organization, stated that while it was surprising that almost 50% of the victimized users were so effectively deceived that they divulged personal Internet banking credentials, the total monetary loss from just 0.5% of clients of any bank was even more shocking, as reported by BusinessWire on December 2, 2009.

Related article: Victims of Phishing Attacks Increase Sharply

» SPAMfighter News - 12/14/2009