17 July 2012 Last updated at 06:29 ET

Warning about online fraud as information theft rises

 
A selection of security devices provided by banks Since banks brought in "two-factor" authentication, fraud has fallen significantly

Related Stories

Fraudsters traded 12 million pieces of personal information online between January and April this year, according to research.

The figure represents a threefold increase on 2010.

Credit-checking company Experian, which produced the figures, said the increase was partly due to consumers having a growing number of online accounts.

Consumers now have an average of 26 separate online logins but just five different passwords.

Experian said many people were unaware their identity had been stolen until they were refused credit cards or mobile phone contracts.

It advised people to change their passwords regularly and make them more complicated so they are harder for fraudsters to crack.

WHAT MAKES A GOOD PASSWORD?

  • Use a password checker, such as this one, from Microsoft, to see whether your password is strong or weak
  • Strong passwords contain a mixture of letters and numbers, the more random the better
  • Users worried about remembering obscure passwords can use random password generators
  • Online random password generators should not be used for secure services such as bank accounts
  • Using first letters of a speech from Shakespeare or a favourite poem offers one way to keep it obscure but memorable
  • It is OK to write passwords down as long as the paper copy is kept safe
  • Avoid dictionary words, words spelt backwards, sequences or repeated characters
  • Never use personal information such as date of birth

Two thirds of people have accounts they no longer use but have not closed down, leaving them vulnerable, the research found.

This was borne out last week when hackers broke into Yahoo's servers and stole 450,000 passwords, many from defunct accounts.

Those who had been victims of the growing issue of identity fraud suffered:

  • refusal of loans or credit cards (14%)
  • debts being run up in their name (9%)
  • refusal of mobile phone contracts (7%)
  • being chased by debt collectors for money they did not owe (7%)

Every week brings fresh headlines about stolen IDs. Last week, alongside the Yahoo hack, it was revealed that one million user IDs had been stolen from the Android forum and graphics hardware maker Nvidia said 400,000 passwords had been stolen from its forums.

This led Microsoft to reveal that 20% of Microsoft account logins are found on lists of compromised credentials as a result of hacks into other websites.

Writing on the Microsoft blog, Eric Doer said "These attacks shine a spotlight on the core issue - people reuse passwords between different websites."

 

More on This Story

Related Stories

Comments

This entry is now closed for comments

Jump to comments pagination
 
  • rate this
    -1

    Comment number 91.

    I am a whitehat hacker. I know for a fact that even complex passwords are vulnerable. A common attack called a dictionary attack can work out almost any password even if you replace letters etc. your best bet is to not use much personal data online. You could use the account, just try not to use things like credit cards when not neccaccary. Also, when using using e-wallets, the ensure secure site

    Report this comment (Comment number 91)

    Link to this (Comment number 91)

  • rate this
    +2

    Comment number 18.

    Am I posting as me?
    Or has someone hacked my HYS account?
    Hmmmmmm.

    Seriously folks, I do feel that we can all use a little more care with online security - I often wonder how many people take no precautions and then are surprised to get caught out.

    On a slight tangent, I read recently that something close to 50% of internet users have no firewall or malware protection!!

    Report this comment (Comment number 18)

    Link to this (Comment number 18)

  • rate this
    +3

    Comment number 6.

    As a newcomer to the electronic age (sad at 51) even following recommendations for passwords to include case sensitive, numbers, non-consecutive etc won't prevent fraud if the sites so insecure it can be hacked.

    Report this comment (Comment number 6)

    Link to this (Comment number 6)

  • rate this
    +5

    Comment number 1.

    The problem is remembering the plethora of passwords you need these days. You either keep the same one for everything (terrible security) or you make sequential changes (terrible security) or you write them down somewhere (terrible security). How can you store random numbers in your brain?

    Report this comment (Comment number 1)

    Link to this (Comment number 1)

 
 

More Technology stories

RSS

Features & Analysis

BBC Future

Zapping bacteria the wireless way

Zapping bacteria the wireless way

New remote-controlled, dissolvable implants Read more...

Programmes

  • XBox OneClick Watch

    How far has Microsoft moved from a purist's game console with the XBox One?

BBC © 2013 The BBC is not responsible for the content of external sites. Read more.

This page is best viewed in an up-to-date web browser with style sheets (CSS) enabled. While you will be able to view the content of this page in your current browser, you will not be able to get the full visual experience. Please consider upgrading your browser software or enabling style sheets (CSS) if you are able to do so.