We’ve all heard the horror stories about personal information, such as credit card details, falling into the wrong hands and, thankfully, in many cases the banking system limits the damage but it’s a growing problem.
Now Symantec have issued the results of some research which shows that this information may be sold on the black market for as little as a few pence as cyber criminals use generous retail promotions like bulk buying and â€œtry before you buyâ€ to sell consumer information and credit card details to other criminals. According to the Internet Security Threat Report 2009 e-mail addresses and accounts are traded among criminals from as little as five pence to as much as Â£60, with a full identity going for around Â£45. I don’t know about you but I find those figures to be alarmingly low – until I read on and discover that, according to Symantec, more than 10 million stolen identities are traded each year on the black market.
The online black market is booming compared to real-world criminal activity. It is more profitable, harder to prosecute and provides anonymity. Whereas on the streets of London Metropolitan Police figures indicate that a crime is committed every 37 seconds, an identity is stolen online every three seconds.
So how does this happen? Well, much of the information is harvested using malware on our PCs with many victims unaware that their computer is a “zombie” acting as part of the botnets that are the main source of online fraud, spam and other scams on the Internet today. In addition, we are putting increasing volumes of personal information onto the web through social networking. Meanwhile, action against criminals is hampered by the fact that national laws typically lag behind technological advances and the fact that the Internet is a global network and so requires co-operation from multiple law enforcement agencies.
So, what can we do about it? Well, much of the information in this blog post comes from Symantec/Norton and it’s no surprise that they would like us to buy the latest version of their security suite but, even if you use another reputable company’s security products, it’s worth checking out the advice on their Every Click Matters site including a victim assessment tool that helps you assess your risk (and black market worth) and 10 simple steps we can all take to stay safe. Maybe you, as a reader of this blog, know what to do – put it may be worth highlighting the advice to less-technical friends and family.