More than 420,000 scam emails are sent every hour in the UK according to a report published today (2).
The study from life assistance company CPP estimates that Brits were targeted by 3.7 billion ‘phishing’ emails in the last 12 months alone (3). And a quarter of us admit to falling victim to e-fraudsters, with the average victim losing over £285 each (4).
Fake banking emails are the most common method used by criminals, with 55 per cent of those targeted receiving seemingly legitimate e-correspondence from high street banks. Over half received false lottery or competition prize draws, while a further one in two was targeted by foreign cons such as the renowned “Nigerian 419 advance free fraud” scam.
And consumers must take caution, as latest industry figures show that online banking fraud rose by 132 per cent in the last 12 months. (5) In fact, nearly half of Brits (46 per cent) worry their card details could be used to make illegal online purchases.
Fraudsters are also exploiting the explosion of social networking sites and current defaults in privacy settings to target victims. Nearly one fifth of Brits have received phoney Facebook messages claiming to be from friends or family. One in 10 fear that fraudsters are using Twitter to follow them and a third are concerned their social networking account could be hacked.
It seems that anyone – no matter their level of expertise – can fall prey. (Editor's Note: Thus educating consumers on the perils of phishing won't work if their level of expertise doesn't help them)
Tim Berners-Lee, creator of the World Wide Web fell foul to fraud after buying Christmas gifts online, which failed to show up. Movie-star Salma Hayek had her Apple MobileMe account attacked, and not even politicians are immune – Ed Milliband’s Twitter account was infiltrated by hackers who posted details of a fictitious sex life.
Tim Berners-Lee, creator of the World Wide Web fell foul to fraud after buying Christmas gifts online, which failed to show up. Movie-star Salma Hayek had her Apple MobileMe account attacked, and not even politicians are immune – Ed Milliband’s Twitter account was infiltrated by hackers who posted details of a fictitious sex life.
Commenting on the report, Nicole Sanders, identity fraud expert at CPP said: “It seems that not a day goes by without a new case of online fraud hitting the headlines. But what’s concerning is that consumers are still falling victim.
“Fraudsters are becoming ever more skilled in their techniques and tactics. It can be extremely difficult to spot a legitimate email from a scam, so we advise caution at all times when online. And as social networking sites become increasingly popular, people need to continue to be mindful of what they post. Their identity is as valuable to a thief as a credit card, so protecting personal details is key.”
Robert Schifreen, reformed computer hacker advises: “Staying safe online is easy if you follow some basic precautions. Never type your credit card number, password, or any other confidential information into a web site unless its address begins with https and your browser displays the ‘closed padlock’ symbol. These indicate that the site is safe and that your data is encrypted. (Editor's Note: Not really...see SSL is SOL) Also, make sure your antivirus software subscription is up to date and that your computer is configured to automatically download protective software.” Editor's Note: Up to date Antivirus Software doesn't help as Zeus bypasses it anyway.
There is an online banking Trojan out there that is bypassing up-to-date anti-virus programs as much as 77% of the time, according to security company Trusteer. The Zeus Trojan is also known as Zbot, WSNPOEM, NTOS and PRG. It is the most prevalent financial malware on the web, Trusteer says. (Editor's Note: Others say it's Clampi)
CPP top tips to reduce the chances of falling victim to online fraud:
- Install anti-virus protection which scans for viruses
- Install anti-phishing tools which identify phishing emails that trick users into giving away personal information
- Install an active firewall, which updates and upgrades automatically, preventing hackers from gaining access to your PC or laptop
- Keep your personal information safe. If someone asks for your personal details online ask yourself why they would need them
- Be aware that banks will never ask for your personal information online
- If you are unsure whether an email is genuine, ring your bank and ask them
- If you store personal information on your PC, install up-to-date security software
- Remember the golden rule: identity thieves are experts at spotting an opportunity to steal your identity and all they need are a few personal details
- On social networking sites, keep your privacy settings set to friends only and never display your address, phone number or date of birth
(1) According to the latest figures from ONS (2009) 37.4 million adults have access to the Internet (76% of the population). According to the consumer research commissioned by CPP, 26% of Brits have fallen victim to online fraud with 48% of these in the last 12 months. 37,400,000 x 0.26 x 0.48 = 4,667,520 online victims in the last year.
Divided by 365 this amounts to 12787 victims a day. Divided by 24 works out as 532 victims an hour. Divided by 60 works out as 8.88 victims a minute. 60 divided by 8.88 = 6.7, which means one online victim every 7 seconds.
(2) According to the latest figures from ONS (2009) 37.4 million adults have access to the Internet (76% of the population). According to the consumer research commissioned by CPP, 75% of Brits have received fraudulent emails/ Internet messages in the past 12 months. The average number of fraudulent emails is suspected to be 11 per month or 132 a year. 37,400,000 x 132 x 0.75 = 3,702,600,000 = over 3.7 billion. Divided by 365 (days), divided by 24 (hours) = 422,671 fraudulent emails per hour.
(3) According to the latest figures from ONS (2009) 37.4 million adults have access to the Internet (76% of the population). According to the consumer research commissioned by CPP, 75% of Brits have received fraudulent emails/Internet messages in the past 12 months. The average number of fraudulent emails is suspected to be 11 per month or 132 a year. 37,400,000 x 132 x 0.75 = 3,702,600,000 = over 3.7 billion fraudulent emails per year.
(4) According to the latest figures from ONS (2009) 37.4 million adults have access to the Internet (76% of the population). According to the consumer research commissioned by CPP, 26% of Brits have fallen victim to online fraud with 48% in the last 12 months, and the average sum lost is £289. 37,400,000 x 0.26 x 0.48 x 289 = 1,348,913,280 = over 1.3 billion in online fraud losses.
(5) Figures from the UK Payment’s Administration report: ‘Fraud – The Facts’ 2009 - http://www.cardwatch.org.uk/publications.asp?sectionid=all&pid=221&gid=&Title=Publications
Research Methodology
Research was carried out online by ResearchNow among 2,007 UK adults between 23 and 30 April 2010.