Losses from online banking fraud have fallen for the second year in a row, according to the UK Cards Association.
From January to June 2011, £16.9m was lost in online banking fraud for UK-issued cards, down from £24.9m in the same period last year, the payments industry trade body said in a statement on Wednesday (PDF). These figures compare favourably to £39m lost between January and June 2009.
Online banking fraud can happen through phishing — where hackers forge emails or spoof websites in the hope of tricking users into divulging sensitive information. Other common banking fraud involves hackers sending infected attachments or encouraging users to visit malicious websites, to load information-stealing Trojans such as Zeus and SpyEye.
Increased computer security awareness from customers, plus banks' use of fraud detection software, have led to this fall, said the UK Cards Association (UKCA). Many banks use behavioural anomaly software that charts suspicious activity on a card.
While losses have fallen, the number of phishing websites targeting UK users has sharply increased. From January to June 2007, UKCA logged 7,224 such websites. Phishing websites frequently get taken down, yet in the same period in 2011 the number had increased to 37,198.
Low-tech card crime such as cheque fraud has grown. Nevertheless, in general, losses from high-tech fraud have been falling, said UKCA. In the half year from the beginning of 2011, internet, phone and card-not present fraud was £109.2m, down year-on-year from £118.2m. In 2008, from January to June, loss from this type of fraud was £163.9m.
The number of cases of card fraud has also been falling since 2008, according to the latest UKCA figures. While no half yearly incident figures were available for 2011, a UKCA spokesman told ZDNet UK on Thursday, yearly figures are falling. In 2010, there were 0.96 million card fraud incidents, compared with 1.13 million cases in 2009 and 1.4 million in 2008.
Counterfeit fraud using skimmed or cloned cards has also been falling steadily since 2008. In 2008, half yearly counterfeit card fraud losses were £88.8m, down to £18.0m for January to June 2011. Card identity theft has gone down 23 percent year-on-year.
Online banking losses are starting to be stemmed in Europe through a number of factors, including closer working relationships between security vendors and banks, according to Trend Micro security solutions architect Rik Ferguson.
"There are agreements between financial institutions and security companies to offer customers security software at low or no cost to the customer, and developments in security software have helped," said Ferguson. "More real-time, dynamic updates have helped."
Security initiatives such as two-factor authentication and businesses paying closer attention to security standards may also have had an impact, said Ferguson.
Criminals were responding with greater numbers of information-stealing Trojans, and by pursuing more diverse data, Ferguson added.
"We've seen Zeus botnets not just stealing financial information, but email accounts, FTP accounts and social-networking information. These all lead to different ways of making money through crime," said Ferguson.
Get the latest technology news and analysis, blogs and reviews delivered directly to your inbox with ZDNet UK's newsletters.