The number of identity fraud victims in the U.S. rose 12% to 11.1 million last year, according to a report released Wednesday by Javelin Strategy & Research.
"Overall identity fraud continues to rise and has never been higher in terms of victims," James Van Dyke, president and founder of the Pleasanton, Calif.-based research firm, said in an interview.
Total losses from identity fraud in 2009 were $54 billion, up from $48 billion in 2008, according to Javelin's identity fraud report, which surveyed about 5,000 adults. The mean fraud amount per victim dipped slightly to $4,841, but out-of-pocket consumer losses were $373, down from $498 in 2008.
"The average consumer cost is actually dropping because businesses are shouldering more of that actual fraud amount in order to protect individuals," Van Dyke said.
Javelin defines identity fraud as unauthorized use of a person's personal information for financial gain, such as fraudulent bank account or credit card transactions and opening of fraudulent mobile phone or credit card accounts. This year's identity fraud report is the seventh such study.
Rapidly evolving technology, the fact that people are spending more time online and the increase in information available on the Web are all contributing to the increase in identity fraud, Van Dyke said.
"Identity fraud is a multi-channel crime, but there's no question in our minds that the most rapidly evolving crimes are occurring online," he said.
Survey respondents reported more credit card fraud (75%, up from 63% in 2008) than debit card fraud (33%, down from 35%). The survey also showed an increase in stolen checking account numbers and health insurance documents
Another survey finding: Criminals are adding registered users on an existing account to take it over more than changing the address on the account to hijack it. That's a switch from last year. Also, small business owners suffer ID fraud at a rate one-and-a-half times higher than other adults, according to the study.
The Red Flags Rule is starting to show some positive impact for consumers, "but the bottom line is that there's just more criminal activity," Van Dyke said. The Red Flags Rule requires financial institutions and certain other organizations to implement a program to protect consumers from identity theft.
"When consumers go into a marketplace, they look for location, convenience and value. Unfortunately, criminals are the same way: They look for easy access, convenience and value," said Michael Stanfield, chairman and CEO of Intersections Inc., a Chantilly, Va.-based identity risk management services firm and a sponsor of the survey.
Banks are doing a pretty good job at educating their customers about online security, but it's a complicated situation, he said.
"Financial institutors are caught in a catch-22," he said. "The more they push education and try to get their consumers to be more careful, the more that's considered by the consumer to be a customer service negative and the more the consumer wants to go to a bank that makes it easier."