Online banking fraud has jumped by 8,000% in the past two years, according to UK regulator the Financial Services Authority (FSA). The FSA told a House of Lords committee that it was "very concerned" about the problem.
The biggest problem is with phishing, whereby a scammer sends an email which pretends to be from the bank in order to con a user into handing over their internet banking username and password.
The FSA and the UK payments association Apacs were giving evidence to the House of Lords science and technology committee. They said that the problem was growing, but from a small base, and was still small in real terms. They said that the amount stolen was set to rise by another 90% next year.
Around £45 million was stolen this year through phishing, and the committee was told that one bank suffered many more breaches than another. Apacs said that it would not reveal which bank that was, since it represented banks and not consumers.
Both the FSA and Apacs rejected calls for consumers to be notified each time a bank suffered a security breach, such as the loss or theft of a laptop containing customer details. Many US states enforce such a rule and Apacs said that that activity caused 'undue alarm' there.
The bodies' evidence said that phishing scams were becoming increasingly more sophisticated, but that they believed that internet banking was essentially safe.
The committee was told that the number of reported phishing incidents in the first six months of 2005 was 312, but that in the first six months of 2006 5,059 incidents were reported. Apacs head of security Philip Whitaker said that the jump was due to better detection of the incidents.
It also emerged in the hearings that the FSA will open discussions next week with the Information Commissioner on whether or not internet banking is open and transparent enough in its handling of information.
Philip Robinson, the head of financial crime at the FSA, told the committee that he would meet the commissioner to discuss ways of increasing transparency.