Banks make it ‘too easy’ for fraudsters

Corporate identity theft costs British business as much as £50 million a year. Yet according to security research company Heise Security, four out of seven online banks it tested have failed to secure their websites after being told of serious security issues over a month ago.

Many online banks, it seems, are taking too few precautions to protect their customers from fake or ‘spoof’ web pages and ‘phishing’ attacks – attempts to acquire information, such as passwords and credit card details, by masquerading as a trustworthy business, usually by email.

Heise inserted spoof pages onto a number of banks’ websites to test security procedures. Yet surprisingly, say Heise, these pages still appear on the Cahoot, Bank of Scotland and First Direct sites as they did a month ago, ‘suggesting no action has been taken’, while Natwest apparently only took interim measures.

The Association for Payment Clearing Services (APACS), the organisation that co-ordinates the banking industry’s efforts to combat online fraud, has now released a new report revealing that the number of ‘phishing attacks’ has risen by over 800 per cent over the past year.

The report also claims that an estimated half a million people in the UK said ‘they would still respond to an unsolicited email asking them to follow a link and re-enter personal security details’ – a worrying statistic indeed.

[Note: APAC was replaced by UK Payments Administration Ltd (UKPA) in mid-2009]

Adam Wayland

Adam Wayland

Adam was Editor of SmallBusiness.co.uk from 2006 to 2008 and prior to that was staff writer on sister publication BusinessXL Magazine.

Related Topics

Business Fraud