Reliance Security Solutions

News & Media

From
To
Back to main news page

Identity theft and fraud on the increase

How safe are you from identity fraud? Not safe at all, according to an IT fraud expert, speaking at a Reliance Security Services conference in Leeds on April 1st.

Danny Harrison, ID Theft Manager of CPP Ltd, said that the rapid growth of online activities by individuals meant they were surrendering more and more of their personal data. And the more information that individuals imparted, the greater the risk of fraud.

He went on to list various aspects of what are now integral parts of people’s “digital life”, such as memberships of social networking organisations, popular online shopping sites and internet service providers, all of which demanded various details. These included email addresses, date of birth, memorable personal data, credit or debit card information and employment history.

Internet useage and online activity
Research conducted by CPP 12 months ago showed just how prevalent our online habits have become. It revealed that:
• The average Internet user visited 28 different websites a day.
• Users also used their personal details to log on to 15 different sites.
• Some 70% of surfers used Internet banking.
• Almost the same number regularly shopped online.
• One in ten users open emails or attachments from unknown sources.
The methods used by fraudsters are well documented these days, but their continued success underlines the fact that most people remain relatively oblivious to the risks.

Methods used by fraudsters
Phishing, for example, is where fraudsters will attempt to persuade the online user to hand over personal details such as bank passwords in order to rob their accounts. So, an email purporting to be from the bank asking for such details to be forwarded to a fraudulent address is common, as are the setting up of false websites that purport to be of the users bank. Mr Harrison said there had been a reported 800% rise in phishing attacks between 2005 and 2006. The situation had only worsened since, he said.

Hacking is another common weapon, whereby criminals will attempt to find personal details through fraudulently accessing their computers. This is a particular problem for the banks and other finance houses – once a criminal has breached a website’s defences, the damage that can be done is limitless. Hacking has also become a problem due to the prevalence of wireless networks, many of which require the user to “switch on” the security access to the system - many users fail to do this, leaving them highly vulnerable to hackers.

And while personal ID theft was probably the one most exercising the general public, there was also a significant and growing problem of corporate ID fraud.

Corporate ID fraud
Mr Harrison showed how the Internet now made it relatively easy for a fraudulent company to insert itself into the business process of another organisation, thereby putting itself in a position to potentially profit from three key areas:
• Customers – intercepting orders and payments from customers online.
• Banks – making fraudulent loan and other fund applications to the business’s finance source, again via false online representations.
• Suppliers – receiving goods and services destined for the “real” business.
So, asked Mr Harrison, whose fault is this increase in online criminality? In a CPP study of 3,000 victims of fraud, two-thirds said they had not taken enough care, whilst 28% added that they would have to become a victim a second time before exercising more care.

Fighting ID fraud
Despite apparent apathy, the Government and business are fighting back. Methods of biometric identity, using elements such as eye recognition and finger prints, are well advanced, while a National Identity Scheme remains on the Government’s agenda.

Combating terrorist activity
Security of another kind was examined by a Counter Terrorist Security Adviser (CTSA) to West Yorkshire Police. CTSAs were appointed by the Government to all the UK’s police forces in the wake of the terrorism threat that has emerged in the past five years.

One of their roles is to advise business on how to prepare for a terrorist situation, such as a bomb threat. It was most important, the Adviser said, for each organisation to have a business continuity plan in place. This means that whatever the seriousness of the emergency situation – an evacuation lasting hours, perhaps days, for example – a business could continue to operate at a strategic level.

On a more practical level, he outlined how security personnel could make a significant difference to their organisations through some straightforward steps. These included being vigilant for hostile surveillance. It was now well documented that today’s terrorists will carefully monitor their targets ahead of any attack.

Thus, unusual activities not normally associated with a particular building, such as individuals taking photographs or making notes should be alerted to police. Likewise, vehicles making repeated visits to the vicinity, individuals asking security-related questions and monitoring of security cameras are all areas that should raise concerns.

He concluded with the warning that the threat level to the UK remained very high and urged continued vigilance from the business community.

New corporate manslaughter legislation
Earlier, Isaac Mirza, Partner, Business Crime and Regulation, JMW Solicitors, guided delegates through the complex maze of business law, particularly with respect to the new corporate manslaughter legislation due to come into effect on April 6th 2008.