Financial fraud last year caused 7.5 percent of all adults in the United States to lose money, largely because of data breaches.
That's the finding of a survey conducted by Stamford, Conn. research firm Gartner. The survey polled 5,000 U.S. adults and also found that when compared with average consumers, nearly twice as many people who lost money to fraud changed their shopping, payment, and e-commerce behavior. In particular, victims of electronic checking and/or savings account transfer fraud were nearly five times more likely to change banks because of security concerns.
"Fraud victims are also more cautious about which brick-and-mortar stores they shop at and how they pay for goods when they get there, demonstrating more awareness of the risk of data breaches," said Avivah Litan, vice president and distinguished analyst at Gartner, in a news release.
High-tech crimes, such as data breaches (which typically involve hacking into enterprise systems) and phishing attacks against consumers, are the most prevalent causes of payment card fraud.
Gartner found that financial losses were highest with new-account, credit card and brokerage fraud, with average losses per incident totaling $1,097, $929 and $900, respectively. However, victims of brokerage, credit card and debit/ATM card fraud find it easiest to recover their losses, receiving an average of 100 percent, 86 percent, and 77 percent of the funds stolen, respectively.
Conviction rates for these crimes are low, according to the report. Less than one-third of the victims reported the crimes to law enforcement, with about five percent reported to the Federal Trade Commission. The chances of a criminal getting arrested and convicted for identity-theft-related fraud are much less than half of one percent.
As a result, Gartner recommended that any organization that is holding sensitive consumer data must act now to protect customer records and credentials, claiming that this is “a less-costly exercise than customer churn resulting from financial fraud.”
Other recommendations: Customer accounts must be assumed likely to be compromised by attack vectors outside enterprise control, and enterprises that have secured their systems should advertise the fact to gain consumer confidence and business.