The convenience of online banking appeals to fraudsters too
Fraudsters are continuing their switch from traditional card fraud to raiding online bank accounts, according to new research.
Fraud losses on UK credit and debit cards totalled £440m in 2009 - a drop of 28% compared with the previous year - the UK Cards Association said.
But the number of "phishing" attacks rose by 16% in the same period.
This is when fraudsters trick people into entering their personal details on a website or in an e-mail.
The fall in card fraud is the first recorded for three years, with criminals now using a series of methods aimed at targeting online banking, which has risen in popularity.
The UK Cards Association said that criminals were hoping to avoid banks' own security controls by tricking people out of their personal details through scams, or by infecting home computers with software that gathers these details.
As a result, the total amount of online banking losses reached £59.7m in 2009, a 14% rise compared with the previous year.
Melanie Johnson, who chairs the UK Cards Association, said: "We are committed to a wide range of measures to ensure customers feel confident, safe and secure when they use their credit and debit cards - whether in a shop, abroad, online, at a cash machine or anywhere else."
Mel Morris, of the online security software firm Prevx, said online fraud was relatively easy to commit:
"It's possible to buy a kit online for a few thousand pounds and you can be in the business of trying to perpetrate online fraud," he said.
Overall losses from card fraud fell last year. Chip-and-pin was highlighted as the major factor behind an 11% fall in fraud on lost and stolen cards - now at its lowest for two decades.
ONLINE FRAUD TERMS
Phishing: Sending a host of e-mails pretending to be from a bank in the hope that some users click on a link to a website that gathers their account details and password
Malware: Unsuspecting users download software that allows fraudsters to track the keystrokes they make on their computer
Spear phishing: Targeted phishing of a small group of people, often using fake social networking websites to gather personal information
Counterfeit card fraud halved from a year earlier, although there were some big cases that pushed up losses in 2008.
Mail non-receipt - when cards and Pin details are intercepted in the post - fell by 32%.
There was also a 19% drop in the fraudulent use of cards to buy items over the phone, internet or by mail order - known in the industry as "card not present" fraud.
One factor in this drop has been the introduction of online payment tools, such as Mastercard Secure Code and Verified by Visa, which ask the card owner to type in a second Pin code at the point of purchase.
Fraud when UK cards were used abroad also fell, by 47% to £122.7m, and cheque fraud was cut as fewer people used that method of payment.
Mr Morris said the banking industry was seeing the benefit of a number of different measures.
"Merchants are trying to tighten up their site controls to stop credit cards being stolen en-masse," he said.
"Payment analysis processes are slowly making it harder to use a stolen card."
Any UK customer who loses money on their card without being negligent themselves is entitled to a refund of the money from their card supplier.
"We recognise that cards will always be targeted by criminals, so we are determined not only to continue to prevent, detect and deter those who are behind this type of crime, but also to make sure that innocent victims do not lose out," said Ms Johnson.
Stephen Ley, partner at accountancy firm Deloitte, said: "In the next year clear customer information from banks will remain key to reduce fraud further. A better-educated consumer is less likely to fall foul of phishing attacks.
"Customers need to protect themselves on their computer, remaining vigilant and using good security software."