Tuesday, October 02, 2012
Illegal trade in online data
Today's Financial Times has a shocking story identifying that 20 million items of personal data were traded illegally over the internet in the first half of this year, as more people went online.
They say that research by Experian has concluded that the amount of illegal data in circulation is likely to be four times what it was in 2010 by the end of this year.
The reason for this is that consumers have more accounts online than before, using their computers to make bank payments to utility and council tax bills amongst many others. A lot more shopping is done virtually as well. They say that the average Briton now has about 26 accounts online and those aged 25-34 have about 40 accounts:
Data are sold by hackers on auction-like black market sites, where information to authenticate credit card accounts sells for $1-$30 an account depending on the card credit limit. Passwords for email accounts sell for $1-$20.
About 90 per cent of illegally traded personal data involves the combination of an account name and password, Experian said.
The most prevalent form of identity theft is account takeover, where someone simply begins using a consumer's email or bank account. Fraudsters can also set up new accounts in a user's name, running up bills which can take a long time to sort out with creditors.
A lot of this is difficult to defend against of course but some elementary precautions help. Experian say that people's behaviour can make them more prone to having their data hacked. Three-fifths of internet users never log out of websites and a quarter never check whether a website they are visiting is marked with an image of a security padlock to denote that it is a secure site.
They also say that consumers frequently reuse the same password for many sites. A quarter use a single password for most of their accounts, many also use simple, easy-to-crack passwords, such as dictionary words or names of pets.
They say that research by Experian has concluded that the amount of illegal data in circulation is likely to be four times what it was in 2010 by the end of this year.
The reason for this is that consumers have more accounts online than before, using their computers to make bank payments to utility and council tax bills amongst many others. A lot more shopping is done virtually as well. They say that the average Briton now has about 26 accounts online and those aged 25-34 have about 40 accounts:
Data are sold by hackers on auction-like black market sites, where information to authenticate credit card accounts sells for $1-$30 an account depending on the card credit limit. Passwords for email accounts sell for $1-$20.
About 90 per cent of illegally traded personal data involves the combination of an account name and password, Experian said.
The most prevalent form of identity theft is account takeover, where someone simply begins using a consumer's email or bank account. Fraudsters can also set up new accounts in a user's name, running up bills which can take a long time to sort out with creditors.
A lot of this is difficult to defend against of course but some elementary precautions help. Experian say that people's behaviour can make them more prone to having their data hacked. Three-fifths of internet users never log out of websites and a quarter never check whether a website they are visiting is marked with an image of a security padlock to denote that it is a secure site.
They also say that consumers frequently reuse the same password for many sites. A quarter use a single password for most of their accounts, many also use simple, easy-to-crack passwords, such as dictionary words or names of pets.