Nearly 20 million pieces of private information illegally traded online

Nearly 20 million pieces of private information have been illegally traded online in the first part of this year allowing fraudsters to open new accounts.

That’s according to the latest findings from Experian’s “Life in a Box” experiment, which has found that 19.7 million pieces of information were bought and sold illegally between January and June 2012 – more than in the whole of 2011, when 19.04 million records were traded.

Its research, compiled to mark the beginning of National Identity Fraud Prevention Week, also predict this figure is set to be a fourfold increase on 2010 when 9.46 million records were traded illegally.

To conduct the experiment the credit company placed volunteer Steve in a London shop front for a week with just a laptop for company. 

He was set a series of online challenges to determine where, when, how often and, most importantly, how securely personally identifiable information like names, email addresses and dates of birth was submitted. This focused particularly on the combination of a login and password, which the company said formed 90 of the market of illegally traded information online.

The experiment found that although Steve showed himself to be a savvy web user, like many people he made basic security mistakes in his hurry to get things done.

This included using the same password across multiple accounts, failing to update his web browser to a newer, more secure version, and he didn’t check that websites were secure by looking for the padlock icon when making online purchases.

From this, Experian said it was able to deduce that all of the eight temporary email addresses used by Steve were taken over within five hours, with the majority of credentials hijacked within five minutes. It said the individuals who took over these accounts were located in a variety of countries, ranging from Albania to South Africa.

Password related emails were the first to be viewed, followed by correspondences with family or friends.

The company added that although fourteen percent of Brits admit to being concerned about the risk of online ID theft, many more – 43 percent – have no such worries.

Three fifths of us never log out of websites while one in four people  never check for a website’s security padlock, even when making purchases.

Despite the well-known risks, one in six Brits also admitted to sometimes opening spam to see what it says, while one in 50 clicked on links in spam emails.

In light of the research the company has issued tips to help Brits keep their data safe. This includes using a strong password and changing it for different accounts.

To ensure it stays secure people are warned to avoid using dictionary words, maiden names or favourite pets, as these can be easily cracked.

It also advises people to steer clear of deals that “look too good to be true” as well as being wary of emails offering goods and services.

Experian also advised consumers check for SSL Encryption, which is used to protect confidential information.