In 2003, the US financial industry lost USD 1.2 billion to phishing, or the online solicitation of consumers’ personal data by hackers from a supposedly trusted source such as a bank, credit card firm or e-tailer, according to Gartner Group. Unless concerted action is taken, eCommerce growth in the US could fall to 10 per cent per year or less by 2007, down from the double-digit growth of recent years, Gartner warns. Few banks are addressing the risk of phishing, says director, Avivah Litan, and will take “a year or two” to install defenses, which means the crime will continue to grow as phishers seek easy pickings online.

Approximately 57 million US consumers believe they have been affected by a phishing attack, with 30 million being definite about this, and 27 million, unsure, according to Litan. Almost two million affected had revealed sensitive data, such as credit card or bank account numbers, to the spoofed web site they were directed to, which underscores the need for banks and credit card firms to implement anti-phishing services. With Litan indicating that phishers have just a one in 700 chance of being caught, furthermore, the popularity of the crime stands to impact consumer confidence in online banking or shopping services.

Research firm, Mercator Advisory Group, also advises that phishing could “have a seriously detrimental effect on eCommerce” as credit cardholders buying online need to trust the merchant in question, while merchants need proof that a consumer is legitimate, and both parties need to know the payment cannot be intercepted. Tackling online fraud resembles an “arms race” between criminals and the players in the online payments space, according to Mercator analyst, Nick Holland, and any viable solution has to make the “activity of fraud unfeasibly expensive for the fraudsters and still affordable for the stakeholders”.

(Gartner Group)