Skip Header

Federal Deposit
Insurance Corporation

Each depositor insured to at least $250,000 per insured bank



Home > Consumer Protection > Consumer Resources > Putting an End to Account-Hijacking Identity Theft




Putting an End to Account-Hijacking Identity Theft

Skip Left Navigation Links

0
Introduction
Background
Legislative And Regulatory Responses To Identity Theft
Industry Responses To Identity Theft
The Use Of Technology To Mitigate
Findings
References
Putting an End to Account-Hijacking Identity Theft Study Supplement

Findings
The Background section of this study describes how identity theft is perpetrated and the damage it can cause. The Use of Technology section begins by discussing fundamental flaws in Internet security and how the financial services industry’s current reliance on passwords for remote access to banking applications offers an insufficient level of security. This information indicates that there are two major reasons why phishing and other types of attacks have been used more and more, and with growing success, to perpetrate identity theft, particularly account hijacking:

  • User authentication by the financial services industry for remote customer access is insufficiently strong.
  • The Internet lacks e-mail and Web site authentication.

After analyzing the information, the FDIC is of the opinion that financial institutions and government should consider a number of steps to reduce online fraud, including:

  1. Upgrading existing password-based single-factor customer authentication systems to two-factor authentication.
  2. Using scanning software to proactively identify and defend against phishing attacks. The further development and use of fraud detection software to identify account hijacking, similar to existing software that detects credit card fraud, could also help to reduce account hijacking.
  3. Strengthening educational programs to help consumers avoid online scams, such as phishing, that can lead to account hijacking and other forms of identity theft and take appropriate action to limit their liability.
  4. Placing a continuing emphasis on information sharing among the financial services industry, government, and technology providers.

 



Last Updated 12/10/2004 webmaster@fdic.gov

Skip Footer back to content