Theft from personal bank accounts is the fastest-growing financial fraud plaguing US consumers, with spyware attacks to blame for much of the rise.

According to a survey by Gartner, 1.98 million online adults have experienced this sort of crime in the past 12 months. The analyst organisation urged banks to implement stronger access controls to online and telephone banking systems.

From the survey of 5,000 US adults who used the internet, Gartner estimated that the cost of this fraud was approximately $2.4bn in direct fraud losses - or $1,200 per victim.

Avivah Litan, vice president and research director at Gartner, said in a statement: "In most cases that are not inside jobs, thieves likely stole account numbers and passwords to get into accounts online or through telephone banking services. Neither method involves face-to-face transactions."

Gartner's study said: "Thieves appear to be proliferating through online channels."

Just by clicking on a pop-up ad, web users can inadvertently download spyware which can potentially trap their user ID and password for their online bank account without them ever knowing about it.

"It will take time for the financial services industry to develop sophisticated back-end tools, but banks must implement stronger access controls to online and telephone banking systems," said Litan.

The study recommends using shared-secret authentication, where a consumer might select a topic, such as the name of a favourite pet, and enter an answer that is shared with a service provider.

Gartner found that unauthorised access to checking accounts has grown faster than any other fraud in the past year.

In terms of number of victims, checking account hijacks were found to be the second most prevalent type of crime in the 12 months to April 2004, the most common being fraudulent credit card purchase.