Recent studies indicate that unauthorized access to checking accounts is the fastest growing form of identity theft. The perpetrators are taking advantage of the reliance on single-factor authentication for remote access to online banking, along with the lack of e-mail and Web site authentication, to commit account hijacking. Since 1998, when identify theft first became a Federal crime, a number of statutes and regulations have clarified the impermissible use of personal information and offer greater tools for law enforcement; however, no law or regulation solely addresses account hijacking. Regarding legislative and regulatory responses to identity theft, this report discusses standards for protecting information, information to consumers, and increased penalties and tools for law enforcement. Financial institutions can help reduce identity theft, including account hijacking, by encouraging information-sharing on the nature of the offense and the methods used to perpetrate it. A number of information-sharing efforts are noteworthy, including those sponsored by the Financial Service Information Sharing and Analysis Center, the Anti-Phishing Working Group, the Identity Theft Assistance Corporation, and Infragard. Other suggestions for financial institutions and governments in countering account hijacking are as follows: upgrade existing password-based, single-factor ID systems to two-factor authentication and use scanning software to identify and defend against "phishing" (posing as a legitimate institution or company on the Internet to obtain critical personal information). 37 references