'Phishing' attacks lead to loss of identity Gartner estimates that 57 million U.S. adults received a "phishing" attack e-mail within the past year, wherein more than half of those who responded were also victims of identity theft. MUMBAI: Gartner announced the results of a survey showing that an estimated 57 million American adults received e-mail attacks from "phishers" - hackers or cyberthieves who pretend to be trusted service providers to steal consumer account information. Survey respondents included 5,000 online adults, selected as a representative sample of the U.S. population. Extrapolating from this sample, Gartner concludes that more than 30 million people were "absolutely sure" they were victims of a phishing attack, and another 27 million thought they had received what "looked like" a phishing attack - and over 90 percent said the attacks happened within the past year. Another 35 million were unsure whether they had experienced an attack, and just 49 million of 141 million online consumers said they had not experienced one. Gartner research conducted in April 2004 indicates that millions of consumers unknowingly fall for phishing attacks - e-mail communications designed to steal consumer account information, such as credit card data, home addresses and telephone numbers. Consumers have reason to be nervous. Phishing attacks undermine their confidence in the authenticity of e-mail originators, threatening consumer trust in the very foundation of Internet-based communications. Based on the representative sample, Gartner believes that nearly 11 million online adults - representing about 19 percent of those attacked - have clicked on the link in a phishing attack e-mail. Even more seriously, 1.78 million Americans, or 3 percent of those attacked, remember giving the phishers sensitive financial or personal information, such as credit card numbers or billing addresses, by filling in a form on a spoof Web site. Gartner believes that at least a million more individuals may have fallen for such schemes without realizing it. Direct losses from identity theft fraud against phishing attack victims - including new-account, checking account and credit card account fraud - cost U.S. banks and credit card issuers about $1.2 billion last year. Gartner believes that the double-digit expansion of U.S. e-commerce will slow down unless service providers adequately address consumer security concerns. A future Gartner note will outline emerging anti-phishing solutions, ranging from digitally signed e-mail to managed anti-phishing services. Without the implementation of phishing antidotes, consumer trust will further erode and annual U.S. e-commerce growth will slow to 10 percent or less by 2007 (0.6 probability). The rise in phishing attacks is threatening consumer confidence as never before. Eventually, all participants in Internet commerce will be hurt by diminished consumer trust in online transactions. Given that the victims are more likely to suffer from identity theft, consumer distrust in Internet security is certainly a reasonable reaction. Service providers must begin implementing solutions that authenticate themselves to their customers, and their customers to them.