Another headache: counterfeit bank websites.

Recently, a number of banks have uncovered situations in which their customers were tricked into revealing personal account information on counterfeit bank websites. (See "Latest Fraud: Crooks Creating Clones of Bank Websites," ABA Bank Marketing, April 2004).

We talked about this growing problem with Doug Johnson, an ABA senior policy analyst. Here me our question and his answers.

Recently some bank websites have been counterfeited, and scam artists have attempted to draw the bank's customers to these phony sites. How does the scam normally operate?

Normally the scam starts with a spare e-mail sent to a large number of e-mail addresses on the off chance that the recipient is a customer of the bank. The e-mail usually states that their account has been frozen for some reason or makes some other excuse as to why the customer needs to click on the link included in the e-mail to re-enter their personal information. The bank usually finds out about it through a customer's phone call, and then takes action to shut down the site, if possible, and to alert customers not to respond.

(For more information, ABA member banks can refer to these two ABA eAlerts: www.aba.com/Industry+Issues/ealertiii3.ht m#c and www.aba.com/Industry+Issues/ealertiii18.htm#d)

Another more recent variation is to get an e-mail claiming that your account has lost its FDIC insurance because of violations of the Patriot Act. (See the follow FDIC press release for more information: www.fdic.gov/news/news/press/2004/pr06 04.htm.)

How widespread is this problem?

The phishing trend is increasing, although banks overseas, particularly Australia, have been harder hit.

What are the dangers to banks and their customers?

The dangers are substantial, if a customer provides his account information the account could be taken over and he could become a victim of identity theft. The financial loss in these instances is generally borne by the bank.

What, if anything, can be done to protect banks and prevent these types of scams?

Prevention at this point is difficult. Banks that have been affected should immediately alert their Internet banking service provider, as well as the Internet service provider (ISP) of the offending site, if known.