ID theft Hits Britain

A quarter of the 11 million Britons who use social networking sites such as MySpace and Facebook may be leaving themselves open to identity fraud.

Get Safe Online, a government-backed campaign group,said a date of birth and address details were enough for someone to set up a credit card in another name.

"Although some of these details may seem harmless, they actually provide rich pickings for criminals,"

Its research also showed eight million people leave home wireless networks unprotected against intruders. It showed that not only was it easy to freeload on an unsecured network but also to hack into it and 'steal' potentially valuable information. Over 7.8 million people in the UK have left their internet access open for anyone to use.

And more than half of the over-65s polled use a single password for every website they visit, the group said.

The group is advising older internet users to change their passwords more often.

Affluent Londoners have borne the brunt of ID thefts over the last twelve months according to research to coincide with National Identity Fraud Prevention Week (16th – 22nd October) from credit reference agency Callcredit.

 
Its research analysed the incidence of ID theft in the 121 main postal areas in the UK over the course of the last year (1). In addition it looked at the characteristics shared by those people who live in areas where the risk of ID theft is highest (2).

 
Callcredit director Mel Mitchley says: “ID theft is one of the fastest growing types of fraud in the UK.  But it is also one of the most preventable if people take a few simple precautions.

Figures showed 19 of the 20 postcode areas in Britain worst affected by the crime are inside the M25 - and the other one is just outside, in Maidenhead.

CIFAS an industry body that helps companies share information to fight fraud, compiled the list.

 
Its 270 members managed to foil attempts at fraud worth £741m over the nine months to October - but it is estimated that losses from stolen identities total nearly £2bn a year.

 
One of the fastest-growing areas of identity theft is called "current address fraud", which sees the victim scammed by someone living at the same address as them.

Students could be putting their finances at risk due to their mail being received at multi-occupation residences, credit reference agency Equifax states.

So-called current address fraud is on the rise and those most at risk are students who are occupying large halls of residences and therefore sharing an address with many others.

 
1. SE16 Greenwich

2. CR0 Croydon

3. IG11 Barking

4. SL6 Maidenhead

5. SE13 Lewisham

6. E6 Newham

7. SW11 Battersea

8. E17 Walthamstow

9. N14 Southgate

10. N4 Stoke Newington/Harringay

11. N16 Stoke Newington

12. E11 Leyton/Wanstead

13. NW2 Cricklewood/Willesden

14. BR3 Beckhenham

15. HA3 Wealdstone

16. SW18 Wandsworth

17. E2 Bethnal Green

18. NW10 Willesden/Harlesden

19. NW3 Hampstead

20. N22 Wood Green

INCIDENCE OF ID THEFT PER 1,000 PEOPLE

London 3.74 cases

Eastern England 1.63

South East 1.45

North West 1.07

West Midlands 1.03

East Midlands 0.89

Yorkshire & Humber 0.81

Scotland 0.71

South West 0.66

Wales 0.61

North East 0.54

Northern Ireland 0.32

Source: Call Credit

And we are making it easy for them, according to a study carried out for National Identity Fraud Prevention Week into what we throw out with the rubbish, ready for bin-raiding fraudsters to use.

Key findings are:

• More than 19 million households regularly put sensitive materials in waste and recycling bins, an 18 per cent decrease in the past year but still worryingly high.

• 13 per cent throw away entire credit or debit card numbers, along with a record of the card's expiry date and an example of the cardholder's signature.

• 37 per cent of households, more than one in three of us, throw away large amounts of personal information, such as driving licences, phone and utility bills.

GUILDFORD is an ID fraud hotspot, according to figures released this week, with general fraud and credit card and cheque fraud seeing significant increases.

 
According to a report by credit checking firm Experian, Guild-ford was one of the top places in the country where ID fraud was prevalent and claimed residents were more than twice as likely to fall victim in the town than the UK average.

 
Surrey Police said their figures suggested cheque and credit card fraud had significantly increased, from 188 incidents in 2005 to 2006 financial year, to 1,935 incidents up until April 2007.

 
A total of 1,884 of these reports came from chip and pin fraud victims – the work of a card-cloning scam uncovered at three local filling stations last year, including the Shell garage on Aldershot Road.

 
More than £1 million was taken from victims’ accounts between March and May 2006.

 
Other cases of fraudulent activity, such as identity theft in Guildford alone rose by 56%, from 384 cases in 2005 to 2006,  to 599 cases in 2006 to April this year.

 
Around 60% of reported cases of ID fraud in the financial year between 2006 and 2007 have since been solved.

A third of people who use websites such as Facebook are leaving themselves open to identity theft by putting their personal details online with no security.
 
A study of more than 7,000 internet users found 41% of Londoners admitted putting their date of birth on a social networking site and 19% providing their telephone number.
 
Neil Munroe of Equifax, which commissioned the study, said: 'What people don't seem to realise is how valuable this information is. The fact is these sites can act like a directory for fraudsters.
 
'It's terrifying how little information fraudsters need to be able to open accounts in an individual's name, rack up huge debts and leave the victim, to spend hundreds of hours sorting out the problem or, at worst, picking up the bill.
 
'Although all these sites provide users with security measures, our survey found 31% don't use them and 63% make their email address public, also making them a prime target for phishing and scammers.'

Somehow, a criminal had accessed Dawn's two online bank accounts, applied for overdrafts in her name and transferred the money into a new account. It's not known exactly where the criminal got the information, but they could have found some useful starting points on Dawn's social networking site. "I did have a MySpace profile with my name, address, date of birth and personal information," she says. "There are probably other forums I put my information on as well."

 

It is possible to choose to keep your details private on MySpace or Facebook. However, some experts believe this should happen automatically - otherwise you're dangerously unprotected. The risks aren't just theoretical. Watchdog set up an experiment to see how much information online friends will unwittingly give away and what can be done with it.

We created a fictional character called Amba Friend and set up a Facebook account for her. Amba sent messages to 100 other Facebook users chosen at random, asking them to be her friend. Of those, 35 total strangers said yes.

One of her new friends was Scott Gould, a 23-year-old from Exeter. By making friends with Amba, Scott automatically revealed the personal information he'd put on Facebook.

Tom Ilube, an expert at keeping your details safe online, told Scott: "The first thing I found is that you've left your date of birth there for all to see. To a potential fraudster, that's a very good starting point."

Using this information, a criminal could find more details about Scott by doing a quick search of other publicly available websites. With these details, Watchdog applied for an online bank account and credit card as if we were Scott. Both applications were instantly accepted.

"I'm very surprised about what you managed to do," says Scott. "I didn't think it would be possible. I've seen with my own eyes what you've done with that little bit of information."

Cyber-crime has become a £52 billion ($105 billion) business, according to David DeWalt, CEO of security firm McAfee. According to his analysis, this is more than the worldwide drugs trade.

Dawn raids by more than 20 police forces across the UK took place on Thursday and Friday in a special identity fraud-busting operation. Held in National Identity Fraud Prevention Week, this action by the police was the culmination of months of work by the SOCA | Serious Organised Crime Agency, the Association of Chief Police Officers(ACPO), CIFAS– The UK’s Fraud Prevention Service and over 20 forces across the UK.

Chief Executive of CIFAS, Peter Hurst, comments “Such action by so many forces is unprecedented and we commend all the forces involved. Fraud (and identity fraud in particular) is rarely committed by casual opportunists, but is the choice of lifestyle and organised criminals who make a living from fraud and other serious criminality.”

“Police resources are such that they have never been able to make fraud a priority. The All Party Parliamentary Group Report on Identity Fraud (published on 7 October 2007) states ‘Law enforcement and the prison system is not sufficiently resourced to deal with the volume of ID fraud in the UK’ and recommended ‘a greater allocation of resources to issues of identity fraud, through a re-prioritisation of the area.’

This operation (Operation Snow Tiger) represents an exciting first step towards moving fraud further up the agenda. Our hope is that the arrest and prosecution of these criminals who use fraud to fund a criminal lifestyle will result in fraud receiving the priority it deserves within police performance plans.”

Do not use your mother's maiden name or place of birth as a security password

Check your credit record annually

If you move, make sure you let your bank know

Shred or rip up post before throwing it in the bin

Never use the same password for all your accounts

Do not carry address details in your wallet

Source: Which? Magazine

Never give anyone your user ID, PIN or password, even if they appear to be a representative of a trusted firm.

Be particularly wary of emails that appear to come from banks, credit card or other trusted companies asking you to update your security information.

Always type the web address of trusted websites into the browser yourself. Don’t click on links in emails.

Don’t enter personal or financial information unless the web address starts with ‘https://’ and there is a small padlock in the frame of the web browser window (see Avoid fake websites).).

Use strong passwords (see Use strong passwords).).

Contact Your Bank and Credit Card Companies:
Identity fraud involving the use of plastic cards (such as credit and debit cards), online banking, or cheques, should be reported directly to the financial institution concerned. Your bank, for example, is now responsible for undertaking further verification and investigation, and where appropriate will report it to the police for investigation following a change in reporting procedures.

These changes were introduced by the Home Office on 1 April 2007, following discussion with the Association of Chief Police Officers (ACPO) and the financial sector, to reduce the level of bureaucracy involved in fraud recording, and to streamline the reporting and initial investigation of such frauds.

Contact Your Creditors:
Get in touch in with creditors with whom you have an account (e.g. banks, credit card companies, store cards, phone & utility companies) even if they have not been affected so that they can monitor your accounts to ensure they remain protected.