FDIC Releases Study on Identity Theft and Seeks Comments on Possible Guidance to Bankers

December 16, 2004

The Federal Deposit Insurance Corporate (FDIC) has released a study on a type of identity theft known as account-hijacking, one of the fastest growing forms of identity theft in the country. The agency is soliciting comments on the study that it hopes to use to formulate guidance to bankers next year.

"Technology is rapidly evolving and regulators need to ensure that information safeguards for consumers and banks keep pace,” said FDIC Chairman Don Powell. "ID theft is one of the fastest growing consumer issues in America and our study is an effort to address the needed changes."

Account-hijacking is the unauthorized access and misuse of existing account information primarily through a scheme known as phishing. Phishing is the process of sending tens of thousands of bogus e-mails in the guise of legitimate government agencies and businesses asking recipients to verify or provide confidential financial information. The information is then used by criminals to either steal a person’s identity or to hijack their accounts. This form of identity theft is of particular concern to financial institutions and to their customers.

The Federal Trade Commission (FTC) has estimated that nearly two million Internet users in the U.S. experienced account hijacking during the 12 months ending April 2004. Of those, 70 percent do their banking or pay their bills online and over half believed they received a phishing e-mail. Many experts believe that the increase in identity theft will have the effect of slowing the growth of online banking and commerce.

According to the study released today by the FDIC, financial institutions and their regulators should consider a number of steps to help reduce online fraud, including:

  • Upgrading existing password-based single-factor customer authentication systems to two-factor authentication.
  • Using scanning software to identify and defend against phishing attacks.
  • Strengthening educational programs to help consumers avoid online scams.
  • Placing a continuing emphasis on information sharing among the financial services industry, government, and technology providers.
The FDIC's study-Putting an End to Account-Hijacking Identity Theft-is available on the Web at: http://www.fdic.gov/consumers/consumer/idtheftstudy/index.html. Comments on the study are being solicited through February 11, 2005, via email to: IDTheftStudy@fdic.gov.

Source: FDIC


Contact ALTA at 202-296-3671 or communications@alta.org.