Better bank security could have prevented $2.75bn in losses from the fraudulent use of ATM and debit cards, analyst firm Gartner has alleged in a newly published study.
The losses are the result of personal data obtained by criminals through phishing scams and keystroke logging software. The scammers use the stolen information to create cloned cards to withdraw money, or to raid online bank accounts.
Gartner estimated that about three million US consumers fell victim to phishing scams in a recent 12-month period, resulting in an average loss of $916 per incident. In most cases banks or financial institutions covered the losses.
The cloned ATM cards contain only the user's bank account number and Pin. The card is also supposed to carry security codes from the bank that issued the card which provide an additional layer of security.
Because the customer is unaware of the codes, criminals cannot obtain them through online attacks. But about half of ATM operators do not check the security codes when a withdrawal is made, according to Gartner research director Avivah Litan.
"Most of these institutions are unaware that they, or the outsourced ATM transactions processor they rely on, should be doing so," he said.
Gartner based its phishing damage projection on a survey of 5,000 adults in May.
Cotton seedling freezes to death as Chang'e-4 shuts down for the Moon's 14-day lunar night
Fortnite easily out-earns PUBG, Assassin's Creed Odyssey and Red Dead Redemption 2 in 2018
Meteor showers as a service will be visible for about 100 kilometres in all directions
Saturn's rings only formed in the past 100 million years, suggests analysis of Cassini space probe data
New findings contradict conventional belief that Saturn's rings were formed along with the planet about 4.5 billion years ago