Password problems lead to ID theft, report

Using the same password on different websites could cause users to become identity theft victims.

People who use the same password for multiple online accounts and websites could leave themselves open to identity theft, according to an expert.

David Emm, senior technology consultant at anti-virus firm Kaspersky Lab said that consumers freely disclose information on social networking sites, designed to be used as unique identifiers - pet name, mother's maiden name, nickname, even car registration number.

"All it would take is one clever hacker or phisher to get hold of these databases and they could have access to a raft of online accounts," he warned.

The company recently carried out a survey on password habits and found that 62 per cent of users have up to ten online accounts that require passwords, with 23 per cent of users having more than 20 password protected accounts.

The study of 150 people also found that more than half of respondents (51 per cent) use only between one and four passwords to access their accounts.

"Today's threat landscape is very different from that of a few years ago," said Emm. "Malware is designed to remain undetected so that it can target victims individually and harvest personal information, to be used for criminal purposes."

He said coupled with personal information gained from a social networking site and hackers could "have the key to credit card accounts, online bank accounts, or social security fraud."

Another survey found that identity theft has increased by 50 per cent over the last year in the US.

Approximately 15m people in the country were victimised by some sort of identity-theft related fraud in the 12 months up to the middle of 2006, a report from Gartner said.

The survey of 5,000 US adults found that the average loss of per person was $3,257 (1,692) in 2006, up from $1,408 (731) in 2005.

"Hackers are exploiting internet auctions, non-regulated money transmittal systems, the ability to impersonate lottery and sweepstake contests, and other types of imaginative scams," said Avivah Litan, vice president and distinguished analyst at Gartner.

"The thieves have also discovered the weakest links in the US payments systems. Typically, the weak links are found among the five or more million businesses that accept electronic payments from consumers, and the consumers themselves," she said.

According to the report electronic theft is a leading cause of certain types of fraud, including credit card, debit card and bank account transfer fraud.

"All sensitive electronic data needs to be protected, but enterprises should be aware that the low hanging fruit for the criminals is electronic card and checking account numbers, as well as user IDs and passwords for online financial accounts," said Litan.

Featured Resources

Unlocking collaboration: Making software work better together

How to improve collaboration and agility with the right tech

Download now

Four steps to field service excellence

How to thrive in the experience economy

Download now

Six things a developer should know about Postgres

Why enterprises are choosing PostgreSQL

Download now

The path to CX excellence for B2B services

The four stages to thrive in the experience economy

Download now

Recommended

Mastering endpoint security implementation
Security

Mastering endpoint security implementation

16 Apr 2021
US, UK say Russia was behind SolarWinds hack
cyber attacks

US, UK say Russia was behind SolarWinds hack

16 Apr 2021
1Password targets enterprise customers with Secrets Automation
IT infrastructure

1Password targets enterprise customers with Secrets Automation

14 Apr 2021
PowerShell threats increased over 200% last year
cyber security

PowerShell threats increased over 200% last year

14 Apr 2021

Most Popular

Microsoft is submerging servers in boiling liquid to prevent Teams outages
data centres

Microsoft is submerging servers in boiling liquid to prevent Teams outages

7 Apr 2021
University of Hertfordshire's entire IT system offline after cyber attack
cyber attacks

University of Hertfordshire's entire IT system offline after cyber attack

15 Apr 2021
NSA uncovers new "critical" flaws in Microsoft Exchange Server
servers

NSA uncovers new "critical" flaws in Microsoft Exchange Server

14 Apr 2021