Press Releases FDIC Issues Study on Identity Theft and
Seeks Comments on Possible Guidance to Bankers
FOR IMMEDIATE RELEASE PR-125-2004 (12-14-2004)
Media Contact: David Barr (202) 898-6992
The Federal Deposit Insurance Corporate (FDIC) today released a study on a type of identity theft known as account-hijacking, one of the fastest growing forms of identity theft in the country. The agency is soliciting comments on the study that it hopes to use to formulate guidance to bankers next year.
"Technology is rapidly evolving and regulators need to ensure that information safeguards for consumers and banks keep pace, said FDIC Chairman Don Powell. "ID theft is one of the fastest growing consumer issues in America and our study is an effort to address the needed changes."
Account-hijacking is the unauthorized access and misuse of existing account information primarily through a scheme known as phishing. Phishing is the process of sending tens of thousands of bogus e-mails in the guise of legitimate government agencies and businesses asking recipients to verify or provide confidential financial information. The information is then used by criminals to either steal a person"s identity or to hijack their accounts. This form of identity theft is of particular concern to financial institutions and to their customers.
A recent study has estimated that nearly two million Internet users in the U.S. experienced account hijacking during the 12 months ending April 2004. Of those, 70 percent do their banking or pay their bills online and over half believed they received a phishing e-mail. Many experts believe that the increase in identity theft will have the effect of slowing the growth of online banking and commerce.
According to the study released today by the FDIC, financial institutions and their regulators should consider a number of steps to help reduce online fraud, including:
Upgrading existing password-based single-factor customer authentication systems to two-factor authentication.
Using scanning software to identify and defend against phishing attacks.
Strengthening educational programs to help consumers avoid online scams.
Placing a continuing emphasis on information sharing among the financial services industry, government, and technology providers.
Congress created the Federal Deposit Insurance Corporation in 1933 to restore public confidence in the nation's banking system. The FDIC insures deposits at the nation's 9,025 banks and savings associations and it promotes the safety and soundness of these institutions by identifying, monitoring and addressing risks to which they are exposed. The FDIC receives no federal tax dollars - insured financial institutions fund its operations.
FDIC press releases and other information are available on the Internet at www.fdic.gov or through the FDIC's Public Information Center (877-275-3342 or (703) 562-2200).