Research conducted for the banking industry found that many people who use online banking services were complacent about phishing and Trojan attacks, even though they had an understanding of the issues.
The number of phishing attacks has risen by 800 per cent over the last 12 months, the study found, as hackers have responded to the increase in anti-phishing software developed by banks and internet security firms.
Despite repeated warnings on the subject, four per cent of respondents they would still reply to such emails and provide their personal details, with three-fifths admitting they would not check the validity of an email before responding.
Apacs said people are not doing enough to protect their banking passwords, with one-third either writing down their security details or storing them elsewhere on their computers.
Two-thirds of consumers never change their passwords, while one in five were found to use their bank details for other non-banking websites.
In addition, consumers under the age of 24 are the most susceptible to phishing attacks, while older people are the least likely to regularly change their passwords.
Sandra Quinn, director of corporate communications at Apacs, said: "This new research shows that some people still aren't doing all they should to protect themselves which, hand in hand with a large increase in phishing email attacks at the start of the year, leads us to expect an increase in online banking fraud losses in the first half of 2006."