Spyware worm leads to identity theft fears

Ignoring security procedures could put online shoppers in hot water

Shoppers are being told that the only way they can stop identity theft when shopping online is by taking more time and effort over transactions.

The warning follows the news of a new Spyware Trojan which drains the bank accounts of online users.

The worm, found by Webroot, lies dormant on the PC and works by analysing the keystrokes being entered by the user. As soon as it recognizes a bank or building society URL, it begins to log any detailed keyed-in. This not only allows fraudsters to drain funds from the account but according APACS, the UK payments association, can also be used as a way for them to use details to shop online.

Sandra Quinn, spokeswoman for APACS said: “Fraudsters are doing exactly what we do when shop online including handing over our details. However, the blame is shifting from retailers and into the hands of consumers,” she warns.

Although Card Not Present fraud has grown in the last half year by six per cent, this growth is relatively small compared to the 21 per cent growth between 2004-2005.

Interactive Media in Retail Group (IMRG), the industry body for global e-Retailing, attributes this to retailers that are tired of being liable for any fraudulent transactions "taking a real step in fighting fraud" and joining up to a number of security schemes to help consumers.

The 3D secure initiative scheme, a pop-up from Visa or MasterCard after you have completed an online transaction that asks you to verify passwords, is a step up from the usual security code requests.

However, Quinn warned "consumers are missing out on this protection as they are in too much of a hurry to fill out the forms" and this could get them into serious trouble.

"By using this scheme retailers are exempt from liability and it will only be a matter of time before banks hold up their hands to this, citing the fact that consumers are not helping themselves,” she said.

This week saw the biggest online shopping day of the festive season (December 4th), with people spending a record £183m, said the IMRG. Sales were almost 30 per cent higher than last year’s peak of about £131m, on December 12th.

Verdict, the UK’s authority on retailing, also announced that 4.5 per cent of the total spent on Christmas in December will be done online, showing the importance of protection.

Daniel Mothersdale, EMEA marketing director at Webroot, advised consumers: “Make sure that the software installed is capable of protection against Spyware, the new and advanced technology used to invade a PC.”