Password problems lead to ID theft, report

Using the same password on different websites could cause users to become identity theft victims.

People who use the same password for multiple online accounts and websites could leave themselves open to identity theft, according to an expert.

David Emm, senior technology consultant at anti-virus firm Kaspersky Lab said that consumers freely disclose information on social networking sites, designed to be used as unique identifiers - pet name, mother's maiden name, nickname, even car registration number.

"All it would take is one clever hacker or phisher to get hold of these databases and they could have access to a raft of online accounts," he warned.

The company recently carried out a survey on password habits and found that 62 per cent of users have up to ten online accounts that require passwords, with 23 per cent of users having more than 20 password protected accounts.

The study of 150 people also found that more than half of respondents (51 per cent) use only between one and four passwords to access their accounts.

"Today's threat landscape is very different from that of a few years ago," said Emm. "Malware is designed to remain undetected so that it can target victims individually and harvest personal information, to be used for criminal purposes."

He said coupled with personal information gained from a social networking site and hackers could "have the key to credit card accounts, online bank accounts, or social security fraud."

Another survey found that identity theft has increased by 50 per cent over the last year in the US.

Approximately 15m people in the country were victimised by some sort of identity-theft related fraud in the 12 months up to the middle of 2006, a report from Gartner said.

The survey of 5,000 US adults found that the average loss of per person was $3,257 (1,692) in 2006, up from $1,408 (731) in 2005.

"Hackers are exploiting internet auctions, non-regulated money transmittal systems, the ability to impersonate lottery and sweepstake contests, and other types of imaginative scams," said Avivah Litan, vice president and distinguished analyst at Gartner.

"The thieves have also discovered the weakest links in the US payments systems. Typically, the weak links are found among the five or more million businesses that accept electronic payments from consumers, and the consumers themselves," she said.

According to the report electronic theft is a leading cause of certain types of fraud, including credit card, debit card and bank account transfer fraud.

"All sensitive electronic data needs to be protected, but enterprises should be aware that the low hanging fruit for the criminals is electronic card and checking account numbers, as well as user IDs and passwords for online financial accounts," said Litan.

Featured Resources

Become a digital service provider

How to transform your business from network core to edge

Download now

Optimal business results with the cloud

Evaluating the best approaches to hybrid cloud adoption

Download now

Virtualisation that enables choices, not compromises

Harness the virtualisation technology that's right for your hybrid infrastructure

Download now

Email security threat report 2020

Four key trends from spear fishing to credentials theft

Download now

Recommended

How LogPoint uses MITRE ATT&CK
Whitepaper

How LogPoint uses MITRE ATT&CK

15 Jan 2021
Weekly threat roundup: Microsoft Defender, Adobe, Mimecast
vulnerability

Weekly threat roundup: Microsoft Defender, Adobe, Mimecast

14 Jan 2021
Mimecast admits hackers accessed users’ Microsoft accounts
Security

Mimecast admits hackers accessed users’ Microsoft accounts

13 Jan 2021
What is public key infrastructure (PKI)?
Security

What is public key infrastructure (PKI)?

12 Jan 2021

Most Popular

How to recover deleted emails in Gmail
email delivery

How to recover deleted emails in Gmail

6 Jan 2021
The fate of Parler exposes the reality of deregulated social media
Policy & legislation

The fate of Parler exposes the reality of deregulated social media

14 Jan 2021
Should IT departments to call time on WhatsApp?
communications

Should IT departments to call time on WhatsApp?

15 Jan 2021