Frustrated by protections against card fraud, scam artists are gunning for consumer deposit accounts - and many banks, considering such accounts safer, are unprepared, some observers say.
"As the credit card fraud opportunity has diminished, it is apparent that professional frauds have tended to migrate to compromise other consumer financial products, most of them associated with demand deposit accounts," said Ted Crooks, the vice president of fraud protection solutions at the Minneapolis credit technology company Fair Isaac Corp.
"As a result, fraud rates on deposit accounts have generally grown as those on credit cards have diminished," he said in an e-mail.
Mr. Crooks said this trend was the "natural, opportunistic migration from a product necessarily heavily protected to products where there has been less emphasis on fraud suppression."
Avivah Litan, a vice president and research director at the Stamford, Conn., market research company Gartner Inc., said one reason for this shift is that safeguards for credit card accounts are working.
Visa U.S.A. said its credit card fraud rate in 2004 was just 0.05% of transaction volume, down from 0.13% in 1990. That was the lowest ever, Ms. Litan said, but one consequence has been to make demand deposit accounts more attractive targets.
In a survey she conducted of adult Internet users, 1.3% reported at least one fraudulent transfer out of their bank accounts, she said. (The study did not include check fraud.) It was her first such study, but anecdotal evidence suggests that attacks on deposit accounts are increasing, she said.
"Deposit accounts are in the dark ages," Ms. Litan said. "They need to wake up and join credit card accounts."
American Banker contacted numerous banks, but none were willing to discuss the issue of rising attacks on deposit accounts.
Gwenn Bezard, a research director at Aite Group LLC of Boston, said deposit accounts are not inherently riskier than credit card accounts but are "more exposed than they used to be." That is because there are more ways to gain access to them, including automated clearing house transfers and online banking, he said.
Amir Orad, the executive vice president of marketing for Cyota Inc., a New York vendor of security technology, said phone and Internet banking have made theft easier. "Bad guys prefer those channels," he said.
The Internet has facilitated these attacks, because criminals now trade or sell banking passwords and other personal details over the Web, Mr. Orad said.
Richard A. Parry, a JPMorgan Chase & Co. executive, said crooks have figured out that deposit accounts can be back doors to credit accounts - for example, if a checking account is linked to a home equity line.
Fraudsters prefer the path of least resistance, but they will become more resourceful over time, said Mr. Parry, the company's senior vice president for consumer risk management. "The only way we can avoid our losses completely is to not do business," he said at a March conference hosted by Cyota.
Cyota and Fair Isaac have recently introduced products and services meant to spot remote-channel attacks on deposit accounts. Cyota's eSphinx evaluates the risk for each transaction initiated through a remote channel; Fair Isaac's FalconOne software is meant to help banks develop safeguards against future scams.
