Is there a difference from one bank to another when it comes to identity theft? Who is the best, who is the worst at protecting you from fraud and who is under the greatest attack by fraudsters? How could the average consumer possibly know this? A recent study indicates a slew of bad news here for customers of HSBC, BofA and WAMU.

Chris Hoofnagle of the Boalt School (Berkeley) has done the research for you, leveraging the US Freedom of Information Act to request the data from our top financial institutions. Based upon complaint data from consumers (you and me) in 2006, he was able to determine the picture of where the greatest amount of identity theft is occurring. As a customer of one of the "worst" banks, I can use this information to be doubly on guard for any phishing attacks that might come my way. You can read a good summary over at CNET.

If you don't know what a phishing attack is, let's review:  a phishing attack is a message usually in email but also in Instant Messaging, chat services in game environments, messages on Facebook, YouTube, etc that tell you to take action to remedy a problem in your account. Usually it's an important message from the "Account Administrator". In the financial world, the most troubling ask you to log into your online banking account but you aren't linked to the right site. Instead, it's a lookalike site where you give your personal account information (account numbers, passwords, social security numbers) to criminals. They proceed to wipe out your account, transferring the money to their own pockets.

Here is an example of an actual HSBC phishing attack. Scroll down the page to see how incredibly authentic the criminals make their emails appear!