Identity theft and Cyber Crime on the rise

Identity Theft

Identity theft with a smart phone

According to data analysed by the Government’s Behavioural Insights Team, 2000 smartphones are stolen EVERY DAY.  iPhones are particularly sought after by thieves.  Chris Greenwood, Daily Mail, reported a lot of these phones are stolen and sold overseas.  Crime Gangs can then avoid the blocking technology that helps to protect phones in the UK.  Personal details can be extracted to facilitate identity theft and fraud.

Home Secretary, Theresa May, recognises the risk associated with mobile phone theft.  She is encouraging a collaborative approach between the government, phone industry and police in an effort maximise security of mobile devices.  She is also working to stop the reactivation of phones overseas “thereby killing the export market”.

DataPatrol recommend a number of steps to keep information held on mobiles safe.  These include:

  • Locking your phone
  • Make the most of encryption settings on your phone to protect sensitive information
  • Use caution over apps – particularly where they require permission to access other applications
  • Use anti-theft features such as being able to remotely access and wipe data on your mobile device

Cyber Crime

The Telegraph recently reported that more than 132,000 British customers fell victim to identity fraud over the internet in 2013.  How do you know you are a victim of cybercrime?  How can you stop hackers from stealing your money?  Be vigilant and look for warning signs such as:

  • Unexpected charges on your mobile phone bill – someone may contact your phone provider and make transactions on your account. This could include adding other mobile devices or SIM cards
  • Delivery of something you haven’t ordered – fraudsters will often try to order something in your name and plan to intercept it before it is delivered to your home address.  If you haven’t ordered it, DO NOT ACCEPT DELIVERY of the item.
  • Receiving unexpected, irrelevant or unsolicited post – for example, extended warranty offers on something you haven’t purchased, a court summons for failing to pay a bill.

Information Commissioner’s Office imposes fine for “staggering lapse” in security

Essential Travel, a former subsidiary of the travel agent, Thomas Cook, failed to put proper security measures on its website.  Hackers stole 1.2 million credit and debit card details.  They also accessed customer information such as name, address and telephone numbers.  The parent company, Think W3 Limited has recognised it did not put proper security measures in place. It also accepted liability for failing to test system security and to delete old information.

The ICO has extended a fine of £150,000 and says

“Data security should be a top priority for any business that operates online”

What happens to stolen data?

Sometimes hackers steal data for the thrill of it, boasting about their prowess on the internet.  In most cases however, data is taken so that it can be sold on to criminal gangs or underground marketplaces.   The value of basic information varies from £1 to £30, depending on whether it comes with a password.

Data can be used to send out millions of spam e-mails.  It only needs a few recipients to click on a link – inadvertently installing dodgy software – and you could end up with annoying pop up ads on your screen.  Criminals get a cut for every one you click on.

Worse still, key logger software could be installed without you knowing – allowing criminals to see passwords for online accounts.  You also risk falling foul of spear phishing – a cyber-attack where highly personalised e-mails are sent to trick you into providing bank details.

What should I do to protect my business?

The Technical Director at Voltage Security says “everything should be encrypted”.  If information gets into the wrong hands, it can be devastating to a business.  We have seen huge fines levied by the Information Commissioner’s Office (ICO).  A breach of data protection can also damage your reputation.  Don’t forget your responsibilities at the end of a computer / mobile device’s life.  Such equipment can be destroyed / recycled responsibly with the support of RecyleIT 4U.

Legislation Update: Information Commissioner’s Office (ICO) updates Code of Practice for surveillance cameras and personal information

Since the 2008 CCTV code was introduced, we have seen an evolution in digital recording technology and its application.  There are now automatic number plate recognition systems that can check payment of road tax.  Police officers wear cameras to record images and identify criminals in a crowd.  Did you know that surveillance cameras are not just used to keep us safe and prevent crime?  They collect information that is used in decisions elsewhere – for example, whether you are truly in catchment for your child’s school.

As a result of such technological advancements, the ICO have provided guidance on how to comply with the Data Protection Act when using such systems.  Companies should follow best practice guidelines laid out in the Surveillance Camera Code.  This includes keeping data secure, using encryption where necessary.  You must also be confident in the security of any cloud service used for data storage.

New FAQ:  Do I need to worry about data security?

The Data Protection Act 1998 (DPA) makes it clear that it is your responsibility to destroy any personal data that may be saved on a computer.  Deleting information does not wipe data from a PC.  To ensure that you comply with the DPA, a professional data wiping solution should be used.  At Recycle IT, we offer secure data erasure and destruction services.