Abstract:

 Internet banking in Malaysia has the potential to develop further into a key e-service application that is beneficial to both Internet banking providers and users. To achieve this, a critical mass of Internet banking users needs to be developed and sustained. However, there is growing concern over the erosion of user trust towards this alternative banking channel, stemming from the rise in identity theft cases in the past few years. Phishing is a method of online identity theft where perpetrators pretend to be bona fide institutions sending out scam e-mail messages to users, luring these unsuspecting users into disclosing their personal details for fraudulent purposes. Phishing is becoming a major problem for users and is creating an ever greater issue for Internet banking providers who need to find ways to mitigate the effects of phishing to their operations. This paper outlines the modus operandi of a typical phishing attack and provides a brief overview of the different types of phishing. It is evident that everyone needs to play an active role in addressing this with governments and crime prevention authorities having to come up with the necessary legislation and measures to protect all stakeholders in the Internet banking arena. In addition to that, Internet banking providers need to come up with adequate security systems to minimize the phishing threat to users. More importantly, users need to be educated and made aware of the problem through effective education and awareness programmes. This paper recommends some of the measures and issues that would require the attention of anti-phishing educators in ensuring the effectiveness of these user education initiatives.