Six million cases of fraud
Recent figures released by the Office of National Statistic (ONS) reveal that almost six million fraud and cyber-crimes were committed last year in England and Wales. The figures suggest that fraud is now the most common type of crime, with around two million computer misuse offences and 3.8 million fraud offences being committed in the 12 months to the end of March.
These findings from the ONS come soon after it was revealed that the number of victims of identity theft rose by 57% last year, with cyber criminals increasingly using social media to ‘hunt’ for people’s personal information. Cifas found that there were more than 148,000 victims in the UK in 2015 compared with 94,500 in 2014.
It’s fair to say that fraud is rife. And the sheer number of consumers now becoming victims of crime in their own homes due to phishing and other Internet borne attacks is simply startling. It’s clear that the days of creating an ‘original’ and hard-to-copy signature to protect our bank and identity details are well and truly behind us.
Today, a challenge for security professionals is the lack of consumer knowledge around what data they should ensure they protect. People are usually careful with debit and credit card numbers but will regularly give up Personally Identifiable Information like date of birth and street address, and will often use the same password on multiple sites.
By gathering small amounts of information from many sites, through phishing or so on, those with malicious intent can piece together these information and use them as bait for targeting phishing attacks or identity credentials to access more sensitive information. Quite soon, this accumulated data can be used to execute a serious attack and spread out across the consumer's entire digital life: their shopping, their social media and their banking.
In light of the findings from ONS and Cifas, it is critical that businesses change the way they think about data protection, extending their encryption policies to cover all personally identifiable information and account data to prevent it falling into the wrong hands. After all, we are now completely connected and digital lives flow between accounts like water. You never know when a seemingly innocuous account entry on one site might be the last piece of the puzzle for access to another.