Computer security comes cheap at Easter
It seems Joe Public’s mind is somewhat soft-boiled at Easter: research shows four in five of us would volunteer personal information in return for an Easter egg raffle ticket.
Infosecurity Europe’s annual taking of the public pulse reveals that 82 per cent of those questioned at Victoria handed over all the information necessary to steal their identity in return for being entered into a draw to win £60 of Easter eggs.
The survey was conducted in the run up to the London conference to highlight the ease with which such information can be obtained and was executed under the guise of research into views on Easter and Easter egg consumption.
Forget phishing, or viruses spammed out in the hope a small percentage of recipients will open the attachment, with a hit rate of four in five, roadside research could well be the next tool in the armoury of identity theft.
The two-minute interview netted names, addresses, telephone numbers, and harvested pet’s names, dates of birth, first schools and mother’s maiden names: all key information in either setting up a bank account in someone else’s name or in accessing an existing one.
Some 300 people were interviewed, and interviewers offered no credentials to those being questioned. They merely carried clipboards for an air of legitimacy.
A similar survey undertaken a year ago showed that things have improved. In 2005 some 92 per cent revealed this information for a chance of winning theatre tickets.
But perhaps the real lesson is that these details on their own shouldn’t be enough to open or access bank accounts – in short, to establish your identity.
Individuals should never give more information about their biographical or attributed identity than they have to, as this information can be extremely damaging if it is misused or falls into the wrong hands,’ said Lord Erroll, a keynote speaker on Identity at Infosecurity Europe.
All the information collected by the researchers was destroyed by the organisers of Infosecurity Europe. For more information on this year’s conference visit www.infosec.co.uk.