Study: $400M In Phishing Losses

Register now

Financial Insights has released new estimates that U.S. and international financial institutions stand to lose up to $400 million in fraud losses resulting from so-called phishing incidents occurring in 2004. Institutions are also incurring additional organizational costs beyond those allocated towards the management of identity theft cases. Firms are suffering even more from the erosion in customer trust that these incidents are causing, said the company, which is a global independent research and advisory firm.

Phishing is the term used for instances where scammers mimic a consumers' financial institution and contact the consumer seeking their financial information.

"Most of the anti-phishing solutions available today are focused on detection of phishing attacks," stated Sophie Louvel, research analyst and author of the report. "Truly curbing e-mail phishing attacks will require significant and widespread security enhancements to email technology including email sender authentication."

The recent surge in email phishing attacks has created a sense of urgency within financial institutions, large ISPs, security technology providers, law enforcement agencies, and even university research labs, the report suggests.

These organizations are now working together to agree on technology solutions and best practices for curbing phishing attacks. "However, until e-mail authentication standards and new anti-phishing solutions are widely adopted, phishing will continue to be a popular identity theft tactic."

The report, titled "Fraudsters Go Phishing in a Million Dollar Hole of Opportunity," also describes and evaluates the anti-phishing solutions that are available or in development to help institutions prevent and detect these attacks.

To view the report abstract: asp?docID=1492

For reprint and licensing requests for this article, click here.