Retail Internet fraud is rife: survey

Internet credit card fraud as high as 40 percent is crippling British retailers' online efforts, according to one of the UK's biggest ever retail surveys, released Thursday. The study found that nine out of ten fraudulent transactions go unprosecuted because of inadequate legal expertise, or because retailers do not bother to report them.

The survey, by credit and business information company Experian, is based on internal investigations at online companies suffering high fraud levels. It found that although most Web sites reported less than one percent of fraudulent activity, this figure reaches as much as 40 percent in the software, ticket sales and the household electrical goods sector.

Forty percent of companies admitted to having been repeatedly attacked by the same fraudster before detecting any criminal activity. Two-thirds confessed that it took more than a month to detect online fraud.

These startling figures should perhaps not be a great shock: a sharp rise in the latest crime figures was largely attributed to the growth of online fraud by law enforcers.

But the findings make bleak reading for dotcoms battling to establish faith in online spending. It and will also put a sizeable dent in the government's much touted intentions to establish Britain as a world leader in e-commerce.

Neil Barrett, technical director of computer security and forensics company Information Risk Management says Experian's research sounds about right. "The figures don't surprise me one jot," he says. "I would have thought it might be higher. We've seen seized hacker's computers with shed loads of credit card numbers on them."

Apart from the concern for consumers considering shopping online, the research highlights the burden placed on retailers to cover the cost of fraud. While customers are typically only liable for the first £50 of fraud, retailers are often required to cover the full cost of theft.

Experian says the police are also unable to deal with the majority of this type of crime, because of a lack of resources and expertise.

A spokesman for the Computer Crime Prevention Unit in London argues that the police service takes online fraud very seriously and is doing all it can. He admits however that cases involving small sums are not a priority. "It is an area that we are looking at and attempting to address in conjunction with industry," says the spokesman. "Below a certain threshold fraud isn't reported. How can we provide a service to people when they don't talk to us?"

Guy Kewney guarantees that the really huge e-frauds being committed will be by banking staff, either through incompetence, or inadequate supervision, or actual villainy. But what he can't guarantee is that they will be discovered, or that the perpetrators can even be traced. Go to AnchorDesk UK for the news comment.

To have your say online click on TalkBack and go to the ZDNet News forum.

What do you think? Tell the Mailroom. And read what others have said.

Take me to the e-commerce special.