Topic: Surfers risk fraud with online banking logins

[Clive]

Two-thirds of surfers are opening themselves up to fraud by reusing their online banking logins on other less secure sites.

Nearly three-quarters (73 per cent) of people recently surveyed admitted to using the same login details for their online banking across other websites and social networks.

Trusteer, the customer protection company for online businesses, said that by reusing these credentials, people put themselves at a serious risk of fraud.

Reusing passwords was the most common mistake made by those asked but 47 per cent also admitted to using exactly the same user ID and password to login to less secure sites.

Criminals have devised various ways to get login details from less secure sites such as online email clients and social networks and then test these credentials on financial sites to commit fraud.

Amit Klein, chief technical officer of Trusteer and head of the company's research organisation said: "Our findings were very surprising, and reveal that consumers are not aware, or are choosing to ignore, the security implications of reusing their banking credentials on multiple websites."

The company recommends that people have a least three sets of credentials to use across the internet.

The report comes in the same week that the Office of Fair Trading (OFT) began its scamnesty campaign, encouraging people to report any fraudulent emails they receive.

[Rik]

I never mix my banking passwords with any others, and use a variety of different passwords for different sites, though I do confess to some duplication, otherwise my brain hurts too much.

[Rodders]

Introduce biometric ID verification and then I might consider online banking. 

[Simon]

I have one set of logins for banking, one for shopping, and one for forums.  Each set contains a couple of different combinations, but I also have to admit to some duplication on non-secure sites.

[sam]

I never mix my banking passwords with any others, and use a variety of different passwords for different sites, though I do confess to some duplication, otherwise my brain hurts too much.

I use different ones but then I just cannot remember the banking ones... always an annoying moment when I realise I forgot the phone security code.

[chorleydave]

As both banks I use are within fifty yards of my front door, I don't have to risk online banking. 

[Simon]

I'd still bank online if my bank was next door!  No queues, and you can operate your account 24/7. 

[Rik]

Same here.

[Camstop]

I heavily rely on on-line banking too and buying on-line with credit cards and have had a few fraud attempts but it's always been sorted out with minimal fuss.

The worst one was attempted identity theft. They had logged in and passed extra security and said i had changed address and to send new cards n stuff there. I said it must be an bank inside job as i haven't my extra security on my PC and it was only ever said to bank staff when setting up new payments on telephone banking 

[Simon]

That must have been quite worrying, Cammy.

[Camstop]

The worrying thing was they were quite happy to set everything up in my so called "new address" but it seemed to take some convincing them that i actually hadn't moved and the first that i heard of it was the letter confirming the move 

The fraud squad set up extra special security just for me and it was to be used with every financial organisation    but the reality is i've never been asked to provide my "special" security since.   

[sam]

That is exactly what happened to me... alas they did take money out of my account (though a credit card) and the banks sorted it out.... but the bloody phone operator was very easy to confuse and when I told them the address had been changed on my online account they just wanted to change that... not deal with the f***ing fraud! argh.

I like the randon number gen pin machines.