ID theft up on renewed malware attacks
New phishing and malware attack strategies, coupled with increased volume has caused IT theft incidents to spike, study reveals.
Online identity theft has risen dramatically since the start of the year, driven by an increase in malware and phishing attacks, says risk monitoring specialist Cyveillance.
As part of its Online Financial Fraud and Identity Theft 2007 study, the US-based company used web crawlers and specialised search engines to find huge volumes of personal information available on the web.
It says it came across more than three million pieces of information, including around 320,000 debit and credit card numbers, 1.4 million social security numbers, and 1.3 million login details for bank accounts.
Cyveillance security experts say the two leading online identity theft risks, phishing and malware, increased significantly in the first two months of 2007, with the number of brands being phished jumping by 50 per cent and malware attacks growing by 200 per cent.
Phishing attacks make use of the brand identity of virtually every large global financial institution and a growing number of localized small to medium-sized financial institutions, says Cyveillance.
Using compelling emails that purport to come from these institutions, phishing attacks entice users to click through to a site that then installs malware on that user's machine, usually without any action on the user's part needed.
"As our research shows, the breadth and depth of online risk are on the rise, with increasingly elaborate attack schemes and tactics," said Panos Anastassiadis, chief executive of Cyveillance. "More individuals and organisations view malware as a revenue-generating fraud technique, as it evolves from a simple nuisance to more malicious threats."
The identity theft problem, though global, is particularly acute in the UK, say experts.
"According to the Home Office, identity fraud is costing the UK an estimated 1.7bn every year," says Harry Meikle, group managing director of address management and identity authentication specialist QAS. "That's the equivalent of 35 for every person in the UK each year, greater than the estimated cost of national identity cards. Criminals gangs are now the main perpetrators of ID fraud, using illegally gained identities to access bank accounts, apply for credit cards, and create false documents such as passports so they can claim benefits."
It's just over a year, says Meikle, since the identities of 1,500 Department for Work and Pensions staff were stolen and used to make false claims on the government's tax credits web site.
BCDR buyer's guide for MSPs
How to choose a business continuity and disaster recovery solutionDownload now
The definitive guide to IT security
Protecting your MSP and your customersDownload now
Cost of a data breach report 2020
Find out what factors help mitigate breach costsDownload now
The complete guide to changing your phone system provider
Optimise your phone system for better business resultsDownload now