Identity fraud has shot up by over half, according to new data released yesterday. Anti-fraud company Cifas published their research on identity fraud in the UK with some interesting results.
The research analyses data from the Cifas national fraud database which collected over 320,000 instances of fraud from 261 organisations in 2015.
In broad terms, reported fraud has increased by 16 percent on 2014. While other kinds of fraud have fallen, such as asset conversion and facility conversion, identity fraud has shot up by 49 percent, accounting for 53 percent of all fraud recorded.
It shouldn't be too surprising. The internet is littered with pieces of personally identifiable information just waiting to be grabbed by an opportunistic cyber-criminal.
John Lord, managing director at GBG, told SCMagazineUK.com, “Social media sites are a goldmine of information for those with malicious intent. Your name, your first school and even your mother's maiden name are now just a few clicks away for a fraudster.”
Brian Chappell, director of technical services at BeyondTrust, told SC that the dark web is also littered with people's identities “as a result of the many high profile network intrusions of the past two to three years – LinkedIn for example. It's not a huge leap to imagine that access to these accounts has provided a raft of personal information that has facilitated ID theft. Criminals aren't going to deface your Facebook or send rude messages to your friends, they are going to learn about you and use that information to help steal your identity.”
The problem is not just the quantity of the fraud, but the quality too. A research project by University of Portsmouth and accountancy firm PKF Littlejohn, presented in May 2016, estimated that fraud cost the UK nearly £200 billion.
Organised identity fraud typically starts with a data breach or phishing attack, delivering raw identity data into the hands of the cyber-criminal. From there, that data is sold on in large tranches in underground forums and private sales.
Then, there are two ways in which the data is primarily exploited.The buyers will use that information to get into the accounts of the unwitting victim or use that identity to purchase products, take out loans and altogether ruin the good name of the identity defrauded.
Identity fraud prevailed the most in Manchester and London, which saw increases of 83 and 78 percent respectively. It might be expected that large cities might have a higher incidence of identity fraud – there are, after all, plenty of identities to steal.That doesn't, however, account for the massive increase of nearly 100 percent in both cities. Cifas was unable to comment on why this might be.