Skip Header

Federal Deposit
Insurance Corporation

Each depositor insured to at least $250,000 per insured bank

Home > News & Events > Press Releases

Press Releases

FDIC Issues Study on Identity Theft and Seeks Comments on Possible Guidance to Bankers

PR-125-2004 (12-14-2004)
Media Contact:
David Barr (202) 898-6992

The Federal Deposit Insurance Corporate (FDIC) today released a study on a type of identity theft known as account-hijacking, one of the fastest growing forms of identity theft in the country. The agency is soliciting comments on the study that it hopes to use to formulate guidance to bankers next year.

"Technology is rapidly evolving and regulators need to ensure that information safeguards for consumers and banks keep pace,” said FDIC Chairman Don Powell. "ID theft is one of the fastest growing consumer issues in America and our study is an effort to address the needed changes."

Account-hijacking is the unauthorized access and misuse of existing account information primarily through a scheme known as phishing. Phishing is the process of sending tens of thousands of bogus e-mails in the guise of legitimate government agencies and businesses asking recipients to verify or provide confidential financial information. The information is then used by criminals to either steal a person"s identity or to hijack their accounts. This form of identity theft is of particular concern to financial institutions and to their customers.

A recent study has estimated that nearly two million Internet users in the U.S. experienced account hijacking during the 12 months ending April 2004. Of those, 70 percent do their banking or pay their bills online and over half believed they received a phishing e-mail. Many experts believe that the increase in identity theft will have the effect of slowing the growth of online banking and commerce.

According to the study released today by the FDIC, financial institutions and their regulators should consider a number of steps to help reduce online fraud, including:

  • Upgrading existing password-based single-factor customer authentication systems to two-factor authentication.
  • Using scanning software to identify and defend against phishing attacks.
  • Strengthening educational programs to help consumers avoid online scams.
  • Placing a continuing emphasis on information sharing among the financial services industry, government, and technology providers.
The FDIC's study-Putting an End to Account-Hijacking Identity Theft-is available on the Web at: Comments on the study are being solicited through February 11, 2005, via email to:

# # #

Congress created the Federal Deposit Insurance Corporation in 1933 to restore public confidence in the nation's banking system. The FDIC insures deposits at the nation's 9,025 banks and savings associations and it promotes the safety and soundness of these institutions by identifying, monitoring and addressing risks to which they are exposed. The FDIC receives no federal tax dollars - insured financial institutions fund its operations.

FDIC press releases and other information are available on the Internet at or through the FDIC's Public Information Center (877-275-3342 or (703) 562-2200).

Last Updated 12/15/2004

Skip Footer back to content