A large majority of
online banking customers re-use their log-in details to access non-financial and "much less secure" websites, new research suggests.
After studying the habits of individuals over a 12-month period, customer protection experts Trusteer concluded that 73 per cent use the password for their
online banking account to access other websites, while 47 per cent use both their
online banking user ID and password to log in elsewhere on the web.
Trustee's Amit Klein commented that consumers appear not to be aware - or are choosing to ignore - the security implications of re-using their
online banking credentials on multiple websites.
"Using stolen credentials remains the easiest way for criminals to bypass the security measures implemented by banks to protect their online applications," he continued, pointing out that fraudsters have devised various methods to "harvest log-in credentials" from less secure sources, such as webmail and social network websites.
The credentials, i.e. usernames and passwords, are then tested on financial services sites to carry out fraud.
News of the findings follows revelations that HMRC is being targeted by cybercriminals sending out phishing emails that promise recipients a tax rebate. Over six million
self-assessment submissions were made online this year, breaking 2008's record of 5.7 million.
Financial News
