The facts about identity theft
at risk after data loss
- Around 15,000 Standard Life customers could be at risk of fraud after
their personal details were lost by HM Revenue & Customs (HMRC). The
data was on a CD sent from the Revenue office in Newcastle to the company's
headquarters in Edinburgh. But the disc containing names, national insurance
numbers, dates of birth and pension data never arrived at its intended
BBC, 3 November 2007
says 45.7 million card numbers stolen
- TJX, the US retailer that owns the TK Maxx stores, revealed today
that 45.7 million credit and debit card numbers had been stolen from
its computer systems. British and US police are investigating the theft,
which took place over an 18-month period, and is believed to be the
biggest card heist on record.
The Times, 29 March 2007
fraud threat to chip-and-PIN cards
- SHOPPERS have been warned about a major security fear over chip-and-PIN
machines. Experts at Cambridge University say they have come up with
a virtually foolproof way of stealing a consumer's details. They believe
fraudsters could easily replicate their method and have posted a video
on the internet as an alert. The banking industry admitted yesterday
that the development is a worrying one and say they have their own scientists
working on ways of foiling the criminals. The Cambridge team reprogrammed
a hand-held chip- and-PIN machine to allow them access to card details
and PINs. Researchers say it would be simple to swap their rigged machine
for one in a store. Last year, Shell suspended chip-and-PIN payments
in 600 UK petrol stations after more than £1 million was stolen from
customers' accounts. APACS, the payments organisation representing high
street banks, said the Cambridge breakthrough could be a threat.
The Scotsman, 6 January 2007
are dumping account details on the street
- THE PUBLIC is being exposed to identity fraud because high street
banks are dumping details of their customers’ accounts on the street,
Britain’s information watchdog gives warning today. In an interview
with The Times, Richard Thomas says that he has received “highly disturbing”
evidence that personal information, including bank statements and loan
applications, had been left in bin bags on streets throughout the country.
The Times, 28 October 2006
bins 'an ID theft goldmine'
- Householders are still throwing out too many documents that help criminals
steal their identity a survey suggests. To help solve the problem police
and other consumer organisations have launched their second national
identity fraud prevention week. A bin-raiding test in London found nearly
half of the 120 tested homes had thrown away enough information for
their identity to be stolen. The government has estimated that ID fraud
cost the UK £1.7bn last year. According to CIFAS, the UK's fraud prevention
service, identity theft has risen more than five-fold from 20,000 cases
in 1999 to 137,000 in 2005.
BBC News, 16 October 2006
data stolen at Indian call centres
- Credit card data, along with passport and driving licence numbers,
are being stolen from call centres in India and sold to the highest
bidder, an investigation has found. Middlemen are offering bulk packages
of tens of thousands of credit card numbers for sale. They even have
access to taped telephone conversations in which British customers disclose
sensitive security information to call centre staff.
The Sunday Times, 8 October 2006
IDs sold on web for £1
- THE STOLEN identities of Britons — including their credit card details,
home addresses and security passwords — are being sold on Russian websites
for as little as £1 each.
The Sunday Times, 3 September 2006
lost in organised tax credit frauds
- Forty organised tax credit frauds involving the theft of thousands
of identities and worth at least £5 million are being investigated by
Revenue and Customs inspectors, it was disclosed yesterday. This is
the latest problem to hamper Gordon Brown's beleaguered tax credit scheme,
which was criticised this week by an influential committee of MPs after
it overpaid £4 billion to claimants in two years ... Richard Bacon,
the Tory MP whose inquiries uncovered the illegal activities, said he
understood that manufacturers and large retailers were targeted. People's
identities were being stolen on "an industrial scale" ... Last November,
HMRC said it was investigating the theft of 8,800 identities from people
who worked for JobCentre Plus in London. This led to 2,700 cases involving
payments of £2.7 million before the fraud was stopped. In January, the
Government said Network Rail staff were victims, leading to bank accounts
being created under false pretences. Some 16,000 false claims were stopped.
The Daily Telegraph, 9 June 2006
traders 'must be jailed'
- Jail sentences of up to two years are needed to combat the huge black
market trade in details about people's private lives, says a government
watchdog. Information Commissioner Richard Thomas says there is a "pernicious"
illegal trade in addresses, phone bills, bank statements and health
BBC News, 12 May 2006
take bank cards abroad
- Criminals are now increasingly copying bank cards in the UK before
using them abroad so they can bypass chip and pin security, Lloyds TSB
has warned. While chip and pin makes it much harder for criminals to
make useable copies in the UK, foreign ATMs are less secure. This is
because many overseas ATMs are still taking their information from a
bank card's magnetic strip rather than the more secure microchip.
BBC News, 11 May 2006
more Mr Nice Guy?
- Gone is the sharp-suited, debonair, sliver-tongued fraudster who'd
charm his way to a personal fortune. In his place: countless thousands
hunched over computers, stealing bank details and exploiting technological
weakness - without witnesses, and often for hire. "There's none of what
we used to call conmen these days," says Frank Abagnale. "There's no
need for that any more" ...
Organised gangs rule the roost. Be they Russian, Chinese, Korean or homegrown,
they have the resources to achieve results. "They're like any other business,"
he says. "They're prepared to invest in order to get what they want."
The result: the blizzard of emails "phishing" for bank details or flogging
fake lottery scams; the mass purloining of customer data from banks and
retailers; and at the most extreme level, the - foiled - theft of more
than £200m from the computers of Japanese bank Sumitomo
BBC News, 10 May 2006
king of fraud flies in to help banks beat menace of ID theft
- ONE of America’s most famous fraudsters arrived in London yesterday
to warn Britain about identity theft ... Plans to introduce identity
cards will be even more problematic because “there will be so much information
about someone on one card”, Mr Abagnale said. “It’s more information
to steal. You will be dealing with someone in a government office on
a low salary. The details are going to be vulnerable. These sorts of
cards are very easy to forge.”
The Times, 9 May 2006
in the underpass
- A passage, linked to a major bank's call centre, has become a favourite
with thieves who are prepared to pay cash for your personal details
"Twenty years ago all of a customer's details would have been held at
the branch. Now it is held in a few such centres. The criminals behind
a lot of the fraud we see today know this and are targeting the call centres,
both by trying to infiltrate them by sending workers in to get a full
time job, and by leaning on existing workers."
The Guardian, 1 April 2006
'cuts fraud by 13%'
- The chip-and-pin system cut plastic card fraud by 13% in 2005, according
to the Association of Payment Clearing Services (Apacs). Losses due
to the fraudulent use of credit and debit cards fell last year by £65m
to £439m. Most categories of fraudulent card use dropped, except for
transactions over the phone, internet or by mail. Chip-and-pin cards
were introduced in 2004, with their use becoming required in shops from
February this year.
BBC News, 6 March 2006
theft 'costs UK £1.7bn a year'
- Identity fraud is costing the UK an estimated £1.7bn every year, Home
Office Minister Andy Burnham has said. At £35 per person, the estimated
annual cost was greater than that of planned compulsory national identity
cards, he told BBC Radio 4's Today programme. Critics of the scheme
accuse ministers of playing on people's fears and say flaws in the security
of ID cards mean they could actually increase fraud. A July 2002 Cabinet
Office report put the annual cost of ID fraud at £1.3bn. ID fraudsters
use personal details to gain access to bank accounts, run up bills,
and create false documents like passports to carry out benefit crime.
BBC News, 2 February 2006
OF THE COST OF IDENTITY FRAUD TO THE UK ECONOMY
Home Office, 2 February 2006
fraudsters plunge tax system into chaos
- THE identities of thousands of rail workers have been stolen by criminal
gangs and used to steal millions of pounds from the Treasury, The Times
has learnt. One in seven staff at Network Rail has been caught up in
the tax credit fraud that has plunged the tax system into chaos and
could turn out to be Britain’s biggest benefit scam. Last month it emerged
that 13,000 Jobcentre workers had had their identities stolen and there
are fears that other leading companies have also been targeted by the
gangs. Suspicions are mounting that HM Revenue and Customs insiders
are involved in the fraud. ...
By using the name, date of birth and NI number of Network Rail employees,
gangs have been able to make fraudulent claims through the HMRC’s website
and divert funds into their own website. Criminals were able to claim
up to £100 per month per person, usually by changing the number of children
and the employment status of the person whose identity they had stolen.
The website, used by 500,000 people a year, was closed on December 2 after
ministers admitted that there had been fraud. Losses already identified
exceed £15 million, but that figure is expected to get much higher.
The Times, 18 January 2006
Cassandras foresee trouble with ID cards
- Technology companies stand to benefit from the government's plans
for a national identity card - but they have turned out to be the unexpected
Cassandras of the scheme. A growing number of hi-tech firms say that
far from improving security or cutting down fraud, the cards could actually
create security risks.
The Guardian, 21 October 2005
cards will lead to 'massive fraud'
- In an article for The Scotsman today, Jerry Fishenden, the national
technology officer for Microsoft, says the proposal to place "biometrics"
- or personal identifiers such as fingerprints - on a central database
could perpetuate the "very problem the system was intended to prevent".
He says ministers "should not be building systems that allow hackers
to mine information so easily".
The Scotsman, 18 October 2005
target net call systems
- Malicious hackers are turning their attention to the technology behind
net phone calls, says a report. The biannual Symantec Threat Report
identified Voice over IP (Voip) systems as a technology starting to
interest hi-tech criminals ... The growing use of Voip could encourage
the emergence of:
- audio spam that clogs voicemail boxes with spoken adverts
- voice phishing that tries to con people into handing over confidential
- caller-ID spoofing which allows conmen
to make it look like they are calling from a legitimate number such
as a victim's bank
- call hi-jacking that re-directs calls to conmen and criminals
BBC News, 19 September 2005
to 'adapt to ID cards'
- The UK government's proposed ID scheme will do little to stop identity
theft and may actually exacerbate fraudulent behaviour in its early
years. That is the view of researcher Dr Emily Finch who interviews
career criminals about their activities. She has detailed how they adapt
their strategies to get around new anti-crime technologies such as chip
and pin. Dr Finch will tell a Dublin conference that these criminals
will be undaunted by the prospect of identity cards ... Dr Finch describes
how she and a male co-researcher swapped chip and pin cards and carried
out a number of transactions. Not once, she says, did anyone check the
gender on the card or challenge them - because our increasing reliance
on technology is leading to a breakdown in the vigilance we customarily
BBC News, 4 September 2005
theft spyware scam uncovered
- Thousands of computer users have been caught out by a huge ID theft
ring. Security firm Sunbelt Software said it stumbled across a US-based
server storing megabytes of data stolen from compromised computers while
researching spyware infections. The server held passwords for online
accounts from 50 banks, Ebay and Paypal logins, hundreds of credit card
numbers and reams of personal data. The FBI has reportedly now started
investigating the ring of ID thieves.
BBC News, 23 August 2005
call centre chiefs can steal bank details
- THE manager of an Indian call centre revealed to The Times yesterday
the ease with which workers can steal confidential information despite
claims by British banks that security is tight. His revelation came
as the Information Commissioner said that banks, building societies
and credit card companies could be prosecuted after 1,000 British bank
and credit card details were sold to an undercover newspaper reporter
in Delhi. Police in London and India are investigating the sale.
The Times, 24 June 2005
threat triggers exodus from online banking
- The threat of identity theft and concerns over fraud has led to an
estimated 2 million people opting not to use internet banking services
in the past year.
The Times, 24 June 2005
smash £20m cheque fraud
- Police have arrested 35 people over a multi-million pound cheque book
scam. Up to 400 officers carried out raids on Tuesday at 36 addresses
across London, Surrey, Kent, Cambridgeshire, West Midlands, West Yorks
and Manchester. Cheques stolen from books sent by banks through the
post to people in Golders Green, north London were being cashed for
up to £1,200 each. The Metropolitan Police estimate the thefts have
netted the thieves £20m from across the country.
BBC News, 26 April 2005
call ID services on the rise
- The internet is making it a lot easier to fake who you are via the
phone. Many online services are springing
up that bypass Caller-ID and can make it look like you are ringing from
almost any phone number.
BBC News, 25 April 2005
police foil massive bank theft
- Police in London say they have foiled one of the biggest attempted
bank thefts in Britain. The plan was to steal £220m ($423m) from the
London offices of the Japanese bank Sumitomo
Mitsui. Computer experts are believed to have tried to transfer the
money electronically after hacking into the bank's systems ... They
managed to infiltrate the system with keylogging software that would
have enabled them to track every button pressed on computer keyboards.
BBC News, 17 March 2005
firms plan online fraud-buster
- PLANS for a high-tech mobile fraud-buster are being drawn up by banks
and credit card companies as they seek to combat soaring levels of card
crime. Under the plans, consumers will need to use a security device
the size of a calculator each time they buy something online. The device
will work in a similar way to chip and PIN. Before making a purchase,
consumers will have to insert their card in the device and type in a
PIN to verify that the card belongs to them.
The Times, 14 March 2005
seize on security flaws to make millions from card fraud
- Introduction of chip and PIN was blighted at the outset by the decision
of banks and credit companies to send out preactivated cards
FLAWED anti-fraud measures taken by banks and credit card companies gave
postal thieves rich pickings last year ... Barry Stamp, joint director
of Checkmyfile.com, a business that advises people on their credit files,
said the fraud could easily be stopped if all banks adopted the policy
of card companies such as Marks & Spencer, which puts a block on its “&more”
card and requires customers to pass security checks before the card can
be used ... a spokesman for Lloyds TSB said that all its credit card customers
had to telephone the bank and prove their identity before a card could
Apacs said that organised criminal gangs, which infiltrate organisations
such as the Post Office and secure delivery companies, were behind the
rise in postal fraud.
The Times, 8 March 2005
card fraud rises above £500m
- Fraud involving credit and debit cards rose by a fifth to £504.8m
last year, a bank payment body has said. Much of the rise was due to
an increase in crime involving cards lost or stolen in the post, the
Association of Payment Clearing Services (Apacs) said. Banks are replacing
140 million cards with new chip and pin cards, but Apacs said some of
these were falling into the hands of fraudsters. Apacs also said that
internet scams cost UK consumers £12m in 2004. It is the first time
that Apacs has put a figure on the amount of money consumers are losing
through phishing scams and computer viruses which can capture security
details through keystroke logging.
MAIN AREAS OF CARD FRAUD
||£129.7m (up 17%)
|Card stolen or lost
||£114.4m (up 2%)
|Card not present
||£150.8m (up 24%)
|Card lost or stolen in the post
||£72.9m (up 62%)
||£36.9m (up 22%)
Source: Association of Payment
Clearing Services (Apacs)
RISING CARD FRAUD
BBC News, 8 March 2005
card fraud hits new high despite chip and PIN
- CREDIT and debit card fraud has soared to a record £500 million despite
the introduction of new chip-and-PIN technology, it emerged today.
The Times, 8 March 2005
brought over bank 'scam'
- Police have charged 30 people after nearly £2m was allegedly siphoned
illegally from people's bank accounts and several financial institutions.
More than 200 Strathclyde Police officers were involved in raids at
42 addresses on Thursday morning. Confidential personal banking security
details are said to have been accessed, leading to identity theft, credit
and loan requests and balance transfers. The names of the institutions
involved are not being made public.
BBC News, 3 March 2005
Britons 'fear falling victim to identity fraud'
- A QUARTER of British adults have been victims of identity theft or
know someone who has had their ID stolen, according to a report. An
identity theft takes place every four minutes and costs the country
an estimated £1.3 billion a year. It is one of the fastest-growing crimes
in Britain. Which?, formerly the Consumers’ Association, has found that
two thirds of people are worried about identity fraud which, for victims,
can be a harrowing experience.
Malcolm Coles, editor of Which? magazine, volunteered to let one of his
researchers steal his ID. “I couldn’t believe how easy it was for someone
else to assume my identity,” he said. Within a short time, the researcher
had obtained Mr Coles’s birth certificate, mother’s maiden name, mortgage
value, medical data and details of his shopping habits and his gym visits.
“If this is what an amateur can do, imagine how easy it is for an experienced
criminal,” Mr Coles said.
The Times, 3 March 2005
new anti-fraud plan
- A new anti-fraud system alerting people to suspicious purchases on
their credit cards within minutes is to be launched. The system, devised
by MasterCard, is designed to speed up vital information to customers
and reduce cases of multiple card fraud. UK credit and debit card fraud
cost £400m last year and criminal methods have become increasingly sophisticated.
MasterCard said the system would boost the rate of fraud detection and
provide more protection to cardholders. If they agree to sign up to
the scheme, cardholders will receive a text message on their mobile
phones immediately their bank is aware of a 'high risk' transaction
on their card. Cases of unusual transactions are currently dealt with
manually by most banks, meaning it can take an hour or more to contact
BBC News, 9 February 2005
fraudsters 'targeting web'
- New safeguards on credit and debit card payments in shops has led
fraudsters to focus on internet and phone payments, an anti-fraud agency
has said. Anti-fraud consultancy Retail Decisions says 'card-not-present'
fraud, where goods are paid for online or by phone, has risen since
the start of 2005. The introduction of 'chip and pin' cards has tightened
security for transactions on the High Street. But the clampdown has
caused fraudsters to change tack, Retail Decisions said.
BBC News, 7 February 2005
theft surge hits US consumers
- Almost a quarter of a million US consumers complained of being targeted
for identity theft in 2004, official figures suggest. The Federal Trade
Commission said two in five of the 635,173 reports it had from consumers
concerned ID fraud. ID theft occurs when criminals use someone else's
personal information to steal credit or commit other crimes. Internet
auctions were the second biggest source of fraud complaints, comprising
16% of the total. The total cost of fraud reported by consumers was
BBC News, 1 February 2005
theft mastermind gets 14 years
- A Briton involved in what is believed to be the largest identity theft
case ever has been sentenced to 14 years in prison by a New York judge.
Philip Cummings, 35, used his job as a computer helpdesk employee to
steal personal information from more than 30,000 unwitting customers.
He passed credit card and other stolen details on to other criminals
Cummings, who worked for Teledata Communications - a New York-based software
company which helps lenders access major credit databases - had access
to clients' codes and passwords. He would steal people's credit reports
and pass them on to an accomplice, who would sell them on and share the
profits with Cummings. The stolen identities, bought by intermediaries
for about $60 per name, were then used to access the victims' bank accounts
and use their credit cards. The criminals would buy expensive goods, including
computers and electronic equipment, and resell them to other members of
the network. By changing a customer's personal details, the thieves could
even have new credit and ATM cards mailed directly to them. Stolen password
More than 15,000 unauthorised credit reports were accessed by using a
stolen password belonging to Ford Motor Credit, making the scam harder
BBC News, 11 January 2005
and pin' security warning
- A leading security expert has warned that new chip and pin credit
and debit cards could be open to fraud. Professor Ross Anderson, from
Cambridge University, says villains will be able to capture card and
pin data to "make up" forged cards. But the banking industry has rejected
his concerns, saying the system is extremely robust. More than three-quarters
of card holders already hold one of the new chip and pin cards.
BBC News, 18 December 2004
machine fraud nearly doubles
- Cash machine fraud increased by 85% to £61m during the past year,
according to the Association of Payment Clearing Services (Apacs). Cash
machine crime was the fastest growing form of card fraud in the past
year, the banking payment body added. Fraudsters target cash machines
using skimming devices, which copy card details, and miniature camera
devices, which record cardholders' PINs.
BBC News, 10 November 2004
held over ID fraud website
- Twenty-eight people, including a Briton, have been arrested after
a global operation against a website allegedly involved in identity
fraud. Those arrested are accused of operating Shadowcrew.com, which
investigators claim was a global clearing house for criminals involved
in credit card fraud ... She said criminals were using the websites
to traffic counterfeit credit cards and false identification information
and documents such as credit cards, driver's licences, passports and
birth certificates. The websites shared tips on how to commit fraud
and provided a forum by which people could buy the information and tools
they needed to commit such crime, she said.
BBC News, 29 October 2004
of ID rules pressures banks to open doors
- ANTI-MONEY laundering rules for customers opening new accounts are
to be relaxed as the Government prepares to pressurise banks to open
more accounts for the poor. Gordon Brown, the Chancellor, is expected
to lay out specific sales targets for Britain’s banks before the end
of the year, as part of a drive to reduce the number of people in the
UK who do not have a bank account ... The rules will also scrap the
requirement of a utility bill as proof of address. A spokesman for the
FSA said the requirement had proved too difficult for some people, adding
that such bills were easy to fake.
The Times, 29 October 2004
fraud shows sharp increase (take
- Credit and debit card fraud rose by nearly a fifth to £478.8m in the
year to July, the Association of Payment Clearing Services (Apacs) has
revealed. Crime involving cards lost or stolen in the post increased
by 51%, Apacs said. All UK banks are replacing their customers' cards
as chip and pin fraud-prevention technology rolls out. An Apacs spokeswoman
said criminals were stepping-up their fraudulent activities during the
introduction of chip and pin card technology.
BBC News, 5 October 2004
sound alarm on online fraud
- The banking industry has warned customers with online accounts to
guard against a new wave of cyber fraud. Industry body Apacs said some
2,000 British online account holders had been taken in by scams in the
past year, losing £4.5m between them. Many were duped into revealing
their account passwords by phoney e-mails purporting to come from their
bank. Others had their computers infected with programs which allow
fraudsters to record their log-in details.
BBC News, 1 October 2004
fraud prevention 'pays off' (take
- UK credit card fraud dropped for the first time in nine years during
2003, a survey has found. Market analyst Datamonitor said credit card
fraud fell 5% to £402.4m last year, from £424.6m in 2002. It added that
the introduction of chip and pin cards - where customers verify a purchase
by keying in a four-digit pin - should cut the figure further.
BBC News, 25 August 2004
- ... The unidentified suspect was detained April 1 at Dejvicka metro
station in Prague 6 after a witness tipped police that the man was tampering
with a cash machine. Police said he was attempting to install a scanning
device to copy data from a cash card's magnetic strip, along with a
miniature camera to watch patrons enter their personal-identification
The Prague Pose, 15 April 2004
sees surge in 'phishing'
- UK bank customers have been warned they may be targeted in a new wave
of "phishing" scam emails. The Association for Payment Clearing Services
(APACS) has told BBC News Online it is worried by a surge in phishing
scam emails in recent days. Customers of some of the UK's largest banks
are being targeted, APACS said. Phishing scamsters pose as a bank to
request personal details as part of a bogus "security check". The crooks
then use the details to empty accounts.
BBC News, 25 March 2004
on identity theft
- A fraudster could be arrested for mere possession of a false document,
in a new attempt by the government to stem the rising tide of identity
fraud. The new measures would mean criminals who were caught with stolen
documents, such as fake passports or driving licences, could face up
to two years in prison. Identity theft is the fastest-growing type of
fraud in the UK and costs Britain £1.3bn a year.
BBC News, 18 June 2003
credit cards tested
- A new system designed to beat credit card fraud has gone on trial
in a British town. Shoppers in Northampton will be using credit, debit
or charge cards that contain a special chip. Instead of signing for
goods, the users will have to enter a four-digit pin number.
BBC News, 19 May 2003
fraud risk from ID theft
- Enterprising crooks are pulling off multi-million pound bank frauds
using the same tactics deployed in stealing credit card details, investigators
have warned. Moreover, the increasing focus on "knowing your customer"
- identifying who really owns a bank account - when the account is opened
could be cutting into checks and balances further down the line. Scammers
have long used discarded credit card information - receipts, junk mail
card offers and so on - to steal from cardholders or to help in other
kinds of identity theft-related crime.
BBC News, 7 March 2003
card database hacked
- A computer hacker has gained access to more than 5 million Visa and
Mastercard credit card accounts in the US. The two companies said on
Tuesday that none of the information obtained, which would include credit
card numbers, was used in a fraudulent way. But a UK-based business
crime expert warned account holders could still be at risk if their
cards were not reissued. Visa and Mastercard said the hacker breached
the security system of a company that processes credit card transactions
on behalf of merchants.
BBC News, 18 February 2003