Phishing, Pharming & Co: Confidence of bank customers in Internet Banking remains high
- Sound knowledge of risks, protection at home can be strengthened
- Security in BA-CA OnlineB@nking reinforced with i-TANs and transfer limits
- Far fewer BA-CA clients caught up recently in phishing nets
Nine out of ten Austrians who have a bank account with access to Internet Banking trust the security precautions taken by their bank for online money transactions. This is the result of a representative survey carried out by the public opinion research firm Integral on behalf of Bank Austria Creditanstalt (BA-CA). "In spite of Phishing, Pharming & Co, customer confidence in Internet Banking remains high", said Robert Zadrazil, member of the BA-CA Managing Board and responsible for IT. "But Internet security is not just a question of technology, it also requires users to act sensibly with regard to risks." At present approximately 1.9 million Austrians have a bank account with Internet Banking.
Roughly 67 percent of the Austrian population above the age of 14 have access to the world wide web. "Based on a comparison over several years, BA-CA customers are far more Internet-savvy than their fellow Austrians. The figure for them sits at 74 percent", revealed Martin Mayr, Deputy-Head of BA-CA Market Research. The situation is similar for using the Internet: while 59 percent of the population regularly use the Internet, for BA-CA customers it is 70 percent. The figures regarding intensive use total 52 and 63 percent respectively.
Internet Banking still has potential
Users of Internet Banking access their account nine times per month on average. "Generally this involves simple, standard transactions", said Mayr, "58 percent of Austrians who have an account with Internet access check their balance at least once a week, while 42 percent initiate transfers. Only 3 percent handle their securities transactions over the Internet." Yet Internet Banking not only has a promising future in terms of the type of transactions, its quantitative potential has still to be fully exploited. While 73 percent of Austrians who have an account with Internet access do not intend to increase their use of the world wide web in the future, 21 percent intimated that they would like to carry out more of their banking business online.
Knowledge of risks on the Internet is good and people are more or less up to speed on issues of security. 77 percent of Austrians are aware of viruses, 61 percent are familiar with worms and 54 percent know what a trojan is. One in five Austrians can recall media reports about phishing and Internet Banking, while one in three BA-CA customers remember such articles. "What is surprising", according to Martin Mayr, "is the difference between risk awareness and risk behaviour". Only 71 percent of those asked protect their own Internet-linked PC with an anti-virus programme, 55 percent have a firewall and 29 percent use an updated operating system.
"Cyber-crime" targets home users, security networks often inadequate on home PCs
While, in the early days of the Internet around the mid-1980s, it was the networks and infrastructures of commercial service-providers that were targeted by criminals, nowadays Internet fraudsters have for the most part re-trained their sights on private users. "Internet fraudsters have caught on and by using technical and personal means they attack the weakest link in the chain: careless users", said BA-CA Board member Robert Zadrazil. Users can protect themselves very well against technical attacks with a firewall, anti-virus software and an updated operating system. Due care and a healthy dose of suspicion are sufficient to prevent any personal attacks.
"I like to compare Internet Banking with driving a car", said Zadrazil, "The Bank ensures that the roads are safe to drive on, but customers must ensure that their car is in good working order and that they adhere to traffic rules and regulations." The golden rule is that no Austrian bank asks for customer information by e-mail. In order to minimise the appeal of BA-CA customers for personal attacks by Internet fraudsters, last year the Bank introduced Indexed Transaction Numbers and transfer limits for OnlineB@nking that can be changed. This year BA-CA will be launching "Mobile TANs", meaning that OnlineB@nking customers can be sent order information by text message, without incurring additional telephone costs.
Turning to phishing, BA-CA Board Member Robert Zadrazil also warned of suspiciously lucrative job offers on the Internet: "Internet fraudsters on the world wide web regularly search for so-called "finance agents" or "payment agents", who let their accounts be used for the transfer of other people's money. This is a punishable offence!" Without these “stooges”, Internet fraud simply would not work.
At BA-CA the number of OnlineB@nking customers rose by 6.6 percent from the beginning of the year until the end of December, to roughly 500,000. The number of OnlineB@nking accounts rose by 4.2 percent over the same period to more than 1.3 million. One in every four private payment orders at BA-CA is submitted through OnlineB@nking. All in all there were four phishing waves in 2006 (January, August, October and December), which although were sent at random, targeted customers of BA-CA. Following the last phishing attack in December, access to a total of 16 OnlineB@nking accounts had to be blocked temporarily, far less than in August.
Enquiries: Bank Austria Creditanstalt Press Office
Tiemon Kiesenhofer, Tel: +43 (0)5 05 05 52819; e-mail: firstname.lastname@example.org