CPP takes part in York Cares’ Community Challenge

 

This October saw members of the CPP team taking part in two community challenges to help local projects throughout York and the surrounding area.

The first of these challenges was to help Painting the St Lawrence Community Hall. There are fortnightly meetings held for the blind and partially sighted at the Hall and the bright colours that were chosen to paint with will help them identify entrances, exits and possible hazards. With a renovated community hall the church will be able to hold more community & fundraising events.

The second challenge was to assist the Poppleton Community Railway in the renovation of their derelict Nursery. The Poppleton Community Railway Nursery is Britain's last surviving Railway Nursery situated in Poppleton near York. The nursery is run by a volunteer group, currently a not-for-profit company. Having been unoccupied for a few years the site has needed, and still needs a lot of work to get it up and running again.

 

James Waillis was the Co-Ordinator of the events and below is his firsthand report of the challenges

We decided very early on in the process that we would like to work with York Cares who help to arrange community days like these. We have worked with them in the past and have found their help and guidance priceless. Helen at York Cares deserves a special mention as she was involved in the preparations of both visits.

York Cares provided us with a list of various challenges that were available in the York area and after much deliberating we decided that St Lawrence Community Hall and Poppleton Railway Nursery were the two that we were interested in.

We planned a couple of trips out to visit the sites to understand the scale of the tasks and what would be involved but most importantly of all to understand why we were going to do the task.

After visiting St Lawrence Community Hall and speaking to Cath we were certain that we had chosen correctly and that a lot of people would benefit from our efforts. The Community Hall is used for many different events by many different groups. The Congregation used the centre to hold communion in the winter as the church has no heating. (They also mentioned that they have had to use it this summer as the English weather continues to surprise). Other groups that use the centre are Help the Aged and Rainbows. Every fortnight the societies for the blind and partially sighted attend the community centre and to help aid them so that they are able to move around the centre we were asked to paint the walls white and green. Green is a colour that the partially sighted can recognise with ease so we were asked to paint around and above the radiators that protrude from the walls so that this would highlight the potential dangers. As well as being a benefit to this potential group the renovation of the centre will be a benefit for all groups that attend and may even help promote the centre for hiring to future groups.

 

 

The second visit was to Poppleton Railway Nursery and yet again we knew that we had chosen correctly. The Nursery works in partnership with the NHS in the York area to provide horticultural skills training to adults recovering from mental health crisis. The approach has been shown to be extremely beneficial in treatment. This is also the last remaining railway nursery in the country. After speaking to Jo who is the Leader at the nursery, she informed us that the whole site is run by volunteers who put a lot of their own time into making the place look nice and would love a nice new patio to sit back and relax on after a hard day’s work. As we realised that this was going to benefit a lot of people we made plans to lay a new patio and a brand new path for the volunteers and recoverees. The path was to ensure that wheelchair access would be gained and that everyone would be able to use this piece of land to relax.

 

 

With the events now over and everyone officially exhausted; everyone in the finance team at CPP can be especially proud of themselves as we all know that we have given something back to the surrounding community. The Group who were at St Lawrence Community Hall have transformed the hall completely with new magnolia, white and green walls. The partially sighted should now be able to identify the danger zones and navigate the room more easily. With the spare bit of time they had they managed to squeeze in the painting of the skirting boards which mean everything stands out far more. We have received an email from Cath Thornton at the Community Centre thanking us all for all our hard work. She said various groups have already been in and are very impressed with the new look. Whilst the group at Poppleton, who are still tired from the amount of digging and lifting done, can be extremely proud of themselves as the patio, garden and path look spectacular. It makes such a difference when a plan comes together.

James Wallis

Ledger Co-Ordinator

Social Sites and Why You Need to Change Your Passwords Regularly

In the space of about 24 hours, users of Last.fm, LinkedIn and eHarmony have been the victims of password theft, which has once again raised concerns over online security and identity fraud.

In response, all three major websites requested that their users change their passwords following apparent heists of millions of credentials.

On June 6th, LinkedIn users were targeted by email scams after hackers leaked more than 6,400,000 user passwords on a Russian web forum, accompanied by a message encouraging other hackers to help decrypt the "hashed" data.

Soon after the targeted LinkedIn members also received emails designed to look like they were sent by the social-network website which asked users to confirm their email address by clicking a link. However the link too unsuspecting recipients to a dubious website selling counterfeit drugs.

Meanwhile, approximately 1,500,000 million passwords from the US based dating website e-Harmony were also posted online.

And most recently UK-based music website Last.fm released a statement announcing that “As a precautionary measure, we're asking all our users to change their passwords immediately.”

The passwords for all three websites, which were protected by an easily crackable encryption format, were posted to a Russian forum by a hacker who was seeking assistance in decoding them.

LinkedIn users have been informed that they will receive instructions in an email on how to change their details, meanwhile eHarmony stated on its blog that it had reset the passwords of the affected users, who would receive an email with instructions on how to set new passwords in the meantime. Last.fm made no further statements.

Why Passwords are the first line of defense

On a positive note, none of the social profiles had been used maliciously or fraudulently. However, the threat of online identity fraud is real, which is why passwords are such an important first line if defense against cyber criminals.

This is why Google recommends that you pick strong passwords that are different for each of your important accounts and that you change them regularly (about once a month).

Criminals tend to target sites that lack strong security so they can harvest usernames and passwords to test against other popular sites. So if you have the same username and password across numerous accounts, a cyber criminal only needs to crack one account to have access to all of them.

So having different passwords for different accounts is a great way to help keep them secure. Another way to improve your online security is to make sure your password is at least 8 characters long while being hard to guess.

It’s also recommended that you create a password with a mixture of letters, numbers and even symbols to increase the difficulty of guessing or cracking your password.

This is why so many websites now ask for an 8 character password with numbers, symbols, and mixed-case letters, because there are 6 quadrillion (6,000,000,000,000,000) possible variations.

So keep your passwords long, with a couple of numbers, symbols, and upper case letters while changing them every month to help avoid problems like account hacking.

 

New research finds that bank, credit card or other account fraud by a third party on increase

Here are some helpful tips on how you can be careful with your personal information online and when mobile …

1. Change your passwords regularly - the longer and more obscure, the better

2. Leave a website if you notice strange behaviour (unknown certificates, pop-ups etc.)

3. Avoid transmitting sensitive data over public (free or otherwise) Wi-Fi

4. When seeking Wi-Fi connections: know who you are connecting to, be wary of free Wi-Fi access

5. If using a smartphone: disable Wi-Fi ‘auto-connect’

For reference only: Source @ 24.05.12
http://www.cifas.org.uk/accounttakeover_maytwelve

Slough is UK’s identity fraud capital

If you live in Slough you might be shocked to learn that new research has revealed that Slough is the worst place in the UK for identity fraud.

The research by Experian found that households in the Berkshire town recorded twenty five identity fraud attempts for every 10,000 households. This means residents are targeted by nearly four times the UK national average (seven households in every 10,000).

While Slough took the lead, other hotspots for identity fraud were London, Gravesend Birmingham and Luton. London recorded 22 attempts per 10,000 households, although results varied across the capital; with the Olympic neighbourhoods of Eastham, Woolwich and Stratford coming out top.

Identity fraudsters change tactics

Interestingly, this is the first time that young people renting small flats from local councils or housing associations were the demographic most likely to be targeted by identity fraudsters. Rather than targeting the wealthiest sections of society it was this group that saw its identity fraud risk score increase by 47 per cent to 256 in 2011, making them two-and-a-half times more likely than the average UK resident to be targeted.

Experian’s research reinforces the need for people to be vigilant and take steps to protect their identity. Here are some tips that could help you keep your identity safe…

•    Shred any discarded bills, statements, wage slips or even junk mail.

•    Opt out of having your details available on the edited electoral roll.

•    Don't let your debit/credit cards out of sight.

•    When online never type credit card numbers, passwords, or any other confidential information into a web site unless its address begins with https and the browser displays the "closed padlock" symbol.

•    Avoid carrying out transactions on public or shared computers.

•    Check receipts against bank statements and contact their bank if concerned.

•    Don't include personal details such as your home address and date of birth when posting information on a social networking site, or your CV on a jobsite.

•    Make sure your antivirus software subscription is up to date, and that your computer is configured to automatically download and install any updates.

•    Never write down your PIN or passwords as they can be used by criminals to commit acts of ID fraud.
•    Vary your PINs and passwords.

•    Be wary of unsolicited telephone calls from banks, credit card companies and other retailers or financial organisations.

•    Never click on a link in an email from a company you don't recognised or one asking for your personal information. 'Phishing' is an email scam where a fraudster tries to trick you into disclosing personal details.
 

Identity fraud risk assessment

To discover how at risk you are from identity fraud you can use CPP’s risk assessment tool for free online.


Footnotes:
Source: http://press.experian.com/United-Kingdom/Press-Release/slough-overtakes-london-as-identity-fraud-capital-of-uk.aspx

The 10 areas most likely to be targeted

Town/city	Cases/10k households
Slough   London (all)    Gravesend    Birmingham    Luton    Manchester Leicester    High Wycombe  Peterborough   Windsor	25 22 20 17 16 15 14 13 13 12

 
   

 

 

 

 

 

 

 

 

 

 

 

The 10 London boroughs most likely to be targeted

London borough	Cases/10k households
East Ham Woolwich  Stratford  Ilford    Walthamstow   Harrow    Cheapside   Lewisham   Hatfield   Enfield	78 46 43 33 27 27 26 26 26 26

How can I get help to protect my identity?

Don’t forget that CPP’s Identity safe can help you to protect your identity both online and offline. Not only will CPP Identity Safe provide you with 24/7 DataPatrol online fraud monitoring but also with unlimited online access to your Experian credit report and many other features.

5 Ways to Keep Your Mobile Phone Safe

Today most people rely on their mobile phone to keep in touch with friends and family. Whether you’re shopping online, managing your bank account or simply calling, texting and tweeting, if you lose your phone it can feel like you’re cut off from your world and the people in it.

With the value of Smartphones rapidly rising, they are also increasingly attractive to thieves; and not just for the price of the handset itself, but the potential access to your personal information.

Having your phone stolen doesn’t just mean that you have the expense of replacing your phone or that you cannot contact your friends or family. It also means that a thief could run up a large phone bill and have access to your personal data that could put you at risk from identity fraud.

In order to help you keep your mobile phone safe at all times, we’ve put together these five simple tips to help you stay vigilant. For added protection you might also want to consider purchasing mobile phone insurance.

As well as providing worldwide cover for loss, theft, malicious damage, accidental damage and breakdown CPP Phonesafe mobile phone insurance also includes up to £1,000 cover for unauthorised calls from your phone – to protect you from paying for calls / texts made by a thief.

Top 5 Mobile Safety Tips

For many people their mobile phone is their connection to the world around them, whether it’s for work and business or friends and family. To help protect your mobile phone from theft here’re some top tips.

1.    Make sure your PIN is turned on so your phone is locked

It’s a simple mistake than many people make. But by just ensuring that your PIN is turned on, you can help prevent others accessing your phone. Facebook pranks aside, anyone could access your online accounts or make countless calls which could leave you out of pocket.

2.    Be wary about where you use your phone

If you’re using your phone in public, whether in a bar or on the street there are always opportunistic thieves about. So always be aware of your surroundings.

  
3.    Ensure your security settings are set up and turned on  

Smartphones offer a wide range of clever security settings, so be sure to take the time to set them up properly. These can range from the number of password attempts allowed before the device is locked to data encryption, regularly clearing memory to locking down Bluetooth and whether the device should automatically lock on holstering.

And, most importantly, don't fall into the trap of saving usernames and passwords in your mobile device's browser; anyone who unlocks your phone could then have access to all of your online accounts.

4.    Keep your phone out of sight

When you are not using your phone it’s always best to keep it out of sight. As they say, “out of sight, out of mind” and the last thing you want is your expensive phone to be on the mind of a potential thief. Keep it safely stashed away inside a bag or pocket and not on display, especially if it’s the latest ‘must have’ Smartphone.

5. Don't leave your phone in the car

Leaving your expensive phone on display on a car passenger seat is a tempting invitation for thieves to smash a windscreen in order to obtain it.
These are just a few of the things you can do to help keep your mobile phone safe. However, if have the latest handset and would like complete peace of mind, be sure to learn more about our mobile cover. This means if you should ever damage your phone or it’s stolen you won’t have to be without your phone for long and could help you avoid being out of pocket.

5 Tips for Better Credit Card Security

Credit and debit cards are a very common and safe way to pay for goods and services in the UK and overseas. However card fraud can still happen so it’s important that you consider taking steps to minimise the chances of card fraud.

Here are five tips that could help you on the path to better card security…

1. Keep an eye on your card

Try not to let your card out of your sight when making a transaction, and don’t leave your cards unattended in public places.

 

2. Protect your PIN number

You should be the only person that knows your PIN. Remember your bank or the police will never phone you and ask you to disclose it; anyone who does ask you for your PIN is likely to be a fraudster.

Cash machines are generally very safe, however they can be used by criminals to steal your card details. Always keep one hand covering the keypad when entering your PIN number and if you think someone has seen your PIN change it immediately. Don’t forget if you spot anything unusual about the cash machine, or there are signs of tampering, don’t use it and report it to the police.

 

3. Shop online carefully

Make sure you only shop on secure sites. Ensure that the locked padlock or unbroken key symbol is showing in your browser and that the beginning of the online retailer’s internet address has changed from ‘http’ to ‘https’. This tells you that the connection is secure and that you’re safe to shop. Always log out properly after shopping online especially if you have been using a shared or public computer.

 

4. Check your bank statements

Manage your finances effectively by regularly checking recipts against statements. If you discover any unfamiliar purchases contact your card company or bank asap. Remember to store your financial documents such as bank statement safely and shred them when you dispose of them.

5. Credit card insurance

If you are looking for additional peace of mind, credit card insurance can be of help should the worst happen. Whether you’re at home or abroad, one free phone call will cancelyour missing cards straight away and get replacements ordered to the registered address of your cards.

With CPP Card Protection you will also benefit from lock and key cover so if you lose your keys you can get home and get in as well as up to £20,000 insurance cover if you experience card fraud and your card issuer refuses to pay for the unauthorised transactions and up to £5,000 emergency cash advances and cover for handbags and travel documents.

Going on holiday in 2012?

Just look outside the window in your office and pick a colour which comes to mind; it’s ‘grey’ isn’t it? If you’re suffering from the January blues, and daydreaming of being on the beach sipping a piña colada why not make that desk-daydream a reality? Now is a great time to book a getaway. Some of the travel operators have got special offers on and it will also give you to look forward!

When you go to book your holiday why not give you and your family an extra treat and take the stress out of travelling with CPP’s ‘Airport Angel’ airport lounge access.

When CPP carried out research last year we found  42% of people surveyed said airports make them feel stressed and 23% find the prospect of getting on to their flight as stress inducing if not more stressful than moving house!

Taking advantage of airport lounges is a great way to start your holiday. With Airport Angel you can escape to a peaceful environment, getting away from the hustle and bustle of a busy departure lounge. You’ll be guaranteed a seat and can enjoy the excellent facilities on offer:

•    Complimentary drinks and snacks
•     Free newspapers
•    Internet access
•    Washroom facilities
•    Conference facilities

If you’re interested in finding out more about how to avoid airport stress read on for our tips on staying calm, planning ahead and relaxing in airport lounges. Alternatively find out more about Airport Angel airport lounge membership.  
 

Fortnum & Mason in credit card data breach

The 'Queen's favourite grocer', Fortum and Mason, is in the news today for breaching of credit card data security standards.

Customers are in uproar having been asked to email the retailer their credit card details in order to receive a refund on Christmas hampers that have yet to be sent. The email said "[Fortnum] will require your card details to arrange a refund (type of card, name of the card, long number, expiry date, security number)."

One customer, who is still waiting for a Christmas hamper ordered back in November, refused to give the details for fear of credit card fraud.

They received a reply from a Fortnum customer service employee saying: "I understand you do not want to give out your details however, we do not keep them on file due to security reasons, the only way I can refund you is if I do have them. We will instantly destroy your details as soon as you are refunded."
UK data security standards forbid companies from requesting consumers' full credit card details via unsecured emails because such requests could allow fraudsters to create cloned credit cards.

Online security is increasingly important as fraudsters use increasingly sophisticated ways of tricking us out of money and sensitive information. In addition to making sure you only ever communicate information or data via a secure connection, here’re some of our tips to avoid being hacked:

1.    Change your passwords regularly - the longer and more obscure, the better
2.    Leave a website if you notice strange behaviour (unknown certificates, pop-ups etc.)
3.    Avoid transmitting sensitive data over public (free or otherwise) Wi-Fi
4.    When seeking Wi-Fi connections: know who you are connecting to, be wary of free Wi-Fi access
5.    If using a smartphone: disable Wi-Fi ‘auto-connect’
6.    If you are concerned about identity fraud, consider purchasing an identity fraud protection product to help you detect, prevent and resolve any incidence of the fraud.

Tips to help you cut your heating bills

Battle the January blues and winter weather by keeping cosy and warm whilst taking steps to save money on your heating bills. You never know, you might even save enough to out towards your summer holiday!

Staying warm around the house

Keeping warm in the winter can be costly so before you crank the heating up consider the following… 

Wrap up warm

Before you crank up the central heating, why not put another jumper on – or grab a duvet or throw to snuggle under? This will help save you some money on heating bills whilst giving you an excuse for a cosy day on the sofa.

Thermostats

Use thermostat timers to manage when your heating. Set it to come on a couple hours before you come in from work and turn it on for a couple of hours in the morning. If you time this right, you will really reap the benefits financially. Check your meters on the regular to see if you’re cutting back successfully.

Hot water bottles

Why not pop one between the sheets about ten minutes before you go to bed – it really makes the world of difference!

Preventing Draughts

Draught proofing your home is a great form is home protection. Keeping out the cold draughts will help keep the warmth in and therefore save you money on your heating bills. Help prevent draughts by purchasing and hanging heavy lined curtains at the front and back doors. You might want to consider covering all keyholes in the house and using draught excluders on the bottom of your doors to keep those wintry breezes out.

As well as making your home more energy efficient it might also pay to compare energy provider and switch to cut costs. Shop around and understand which energy tariff best suits your needs.

In conclusion in these times of financial insecurity, doing anything to cut costs is vital so make sure your home is energy efficient as possible to save yourself money.

Keep your cards safe this winter

The festive period is well and truly upon us and many of us will be planning a winter break to escape the UK weather or Christmas at home. Wherever you are travelling to, it's never nice to get home and discover that your credit or debit card is apparently still on holiday.

herever you are, whether at home or abroad, it's important to remain vigilant and to look after your wallet and bags.

Here are CPP’s tips to avoid being a victim of card theft and card fraud

Only take cards with you that intend to use. Don't carry multiple debit or credit cards in your wallet.

- Don't leave belongings unattended while swimming or sunbathing and don't hang your bag on the back of your chair in cafes and restaurants.

- Don't carry debit or credit cards loose in a bag or pocket and keep them with you when travelling to and from your destination – don't leave them in your suitcase or rucksack.

- In crowded places, keep your bag strapped across your body or held firmly with the clasp towards you. A concealed money belt is the best place to carry your cards and cash.

- Tell your bank you're going to be away and give them an up-to-date mobile phone number so they can contact you if they see any suspicious or unusual activity on your account.

- Keep an eye on your card in restaurants and cafes. Don't let a waiter take your card out of sight when you pay the bill.

- Check your receipts against your statements when you get home to make sure there are no unexpected transactions.

- Don't leave cards and other valuables unattended in your hotel room. Use a safe or your hotel's safety deposit box.

- Never tell anyone your PIN – even if they claim to be from the police or your bank – and don't write it down.

Merry Christmas!

If you’ve not yet joined the CPP affiliate programme join today!

- It’s free to join

- You can earn 15% commission on each validated sale

- We pay monthly commission payments

- We’ll update you regularly on special offers for your customers

- We’ll also make sure there are plenty of incentives and rewards for you

 

 

 

 

 

 

 

 

 

Best wishes from all at CPP.

Are you putting yourself at risk from festive theft?

Christmas is time for celebration; for friends and family, for shopping and for parties. Many of us like to let our hair down with a drink or two but in such a social situation did you realise you could be putting yourself at risk from theft?

Our research found that 1.7 million* people have had their personal possessions stolen in the run up to Christmas, and that Saturday 10 December is the peak day for festive theft**.

One in five (18%) victims had items stolen in a bar or pub, with 15% experiencing theft in a nightclub. Alcohol, unsurprisingly, often has an impact with 29% admitting they had consumed a few drinks before the theft took place.

When psychologist David Moxon assessed people’s behaviours when socialising in a central London bar, he found that a potential theft could occur every three minutes. Although 30% of customers observed placed their valuables out of sight they were still easily accessible to potential thieves.

David added: “When you’re in a social environment you are more likely to be less vigilant. If you’re happy and enjoying yourself it’s easy to think ‘happy thoughts’ about the venue and people around you which could lead to over-trustfulness and an increase in risky behaviour. Higher levels of oxytocin, which is the ‘bonding’ hormone may also be experienced and this could lead to increased – and sometimes inappropriate – levels of trust.”

This complacent attitude could leave you out of pocket to the tune of around £229 so being vigilant could help prevent you being left out of pocket.

Here’re our tips for avoiding festive thieves:

1. Don’t carry multiple debit/credit cards in a wallet – only carry the essential cards you need
2. Don’t leave belongings unattended
3. Don’t carry debit/credit cards loose in a bag or pocket
4. If your cards are registered with a Card Protection company make sure you have their emergency loss reporting number
5. Don’t ever write down your PIN number – if it is used you could find yourself liable for any fraudulent transactions
6. Don’t let bar staff/waiting staff take your debit/credit card out of sight – they could be copied or cloned
7. If anything happens, report it to the manager of the venue immediately
8. If you are concerned your cards may have been lost or stolen, contact your bank immediately to get the card cancelled

* According to research conducted for CPP by ICM, One in twenty (4%) people have had one of these items stolen during the festive season (Nov – December) (1,781,000)

** Analysis of CPP’s claims statistics from the last year shows that December 10th is the most vulnerable day for card users, with over 300 lost or stolen cards reported to the life assistance firm on this date. 

Preventing Corporate Identity Fraud

“Small businesses are potentially vulnerable to corporate identity fraud as they often don’t have the systems in place to protect themselves or the resources to draw on if they do become a victim. With identity theft continuing to be a problem, it is essential for SMEs to recognise the potential threat and take steps to ensure their business is protected. If they do suspect they have become a victim they should inform their bank or local police.”

-    Danny Harrison, CPP Identity Fraud Expert.

Within the last year, 15,000 businesses claim to have fallen victim to corporate identity fraud – showing a small rise in this crime. Within this article, the most common form of corporate identity fraud is explained – and ways of preventing  it.

Companies House

SMEs are susceptible to fraud through criminals taking advantage of a small loophole within Companies House. Fraudsters can change the address of any business by submitting a false AD01 address, so they can apply for a company credit card or order fraudulent goods on the company account. This can be done without anyone noticing due to Companies House not alerting the company director or secretary that there has been a change of address. SMEs believe that corporate identity fraud is normally committed by previous employees of the business, working directly – or through an associate of theirs.

The majority (68 per cent) of SMEs are unfortunately unaware of this loophole, mistakenly believing that Companies House checks and verifies the details of documents filed with them.  A recent survey of two hundred small and medium SMEs revealed that, through a combination of ignorance and lack of information given to them, 87 per cent did not have the adequate insurance in place – leaving them at risk from corporate identity fraud.

Protecting your Business from Identity Fraud

Companies House does offer some basic protection in the form of the ‘Protected Online Filing System’ (PROOF) scheme. The added security which PROOF provides is a way to stop the fraudulent change of the registered office address and change of director or company secretary, helping to reduce the risk of corporate identity fraud. However, there are other precautions which can be taken to protect your business against fraud.

CPP’s top tips on protecting companies from corporate identify fraud:

• Limit access to company sensitive information to only key employees
• Make sure all company sensitive information is securely stored and only transferred using passwords and encryption in case it is lost or delivered to the wrong recipient
• Ensure that company staff are not able to remove sensitive documents from the office
• At Companies House file information online (WebFiling), submit all papers online (PROOF) and subscribe to an alert system that notifies companies when changes to their details are made (Monitor). More information about these services and combating identity fraud can be found at http://www.companieshouse.gov.uk

Identity fraud risk assessment tool

Last week was the seventh National Identity Fraud Prevention Week also known as (NIDFPW) aimed at preventing identity theft and fraud through raising awareness of the topic. Every year for the last seven years the National Identity Fraud Prevention Week has integrated people from both the public and the private sector to bring together a wide range of knowledge and experience in relation to preventing and combating identity fraud. Identity fraud is one of the UK’s fastest growing crimes and affects both individuals and businesses alike.

Despite it being a quite well known subject many people and business don’t take the appropriate steps to prevent or combat identity theft that could be a serious risk. Recent research carried out by the CIFAS (the UK’s Fraud Prevention Service) showed that 7% of the UK population, just over four million people have been victims of identity fraud with the average cost to each victim at £1,190 equating to over £47 Million of identity fraud cost. The number of reported cases in the UK continues to grow year on year with over 80,000 reported in 2011 so far. Despite this rise in risk research by CIFAS suggests that 25% of people are still not taking the simple yet key precautions such as shredding bills and bank statements that can help prevent any issues with identity fraud.

To discover how at risk you are from Identity Fraud you can use CPP’s risk assessment tool for free online today. This tool will allow you to enter your current situation though a number of simple questions and give you expert advice as to whether you could be at risk from identity fraud and what measures you can take to protect yourself.

CPP also have a great check list of tips that you can use to assess your own situation and stop yourself from being at risk, some of these tips are as follows:

• Don’t let your debit/credit cards out of sight.
• Make sure you shred any discarded bills, statements, wage slips or even junk mail that may contain your names and address.
• Opt out of having your details available on the edited electoral roll. - Avoid carrying out transactions on public or shared computers. 

For the full list of recommendations and tips please visit our fraud advice page.

Don’t think that preventing identity fraud is as simple as shredding your letters, over 88% of people share valuable information on social networking sites that could be used to commit identity fraud such as address, date of birth and more. To make ensure that you are fully protected you need to keep up to date with National Fraud Prevention website.

Can social media lead to identity fraud?

Identity fraud using information from social media

There are, apparently, over 500 million Facebook users worldwide and 26 million in the UK, which is a staggering proportion of the global and UK population.

Social networks are by their very nature all about sharing; sharing experiences, our latest news, likes and dislikes and sometimes our personal information.

Whilst we all like to share – and we very much do – there are risks associated with allowing ‘everyone’ and ‘everyone’ open access to our personal information, which by its very definition, can be sensitive and, in fact, highly valuable.

Why is personal information so valuable?

Personal information is often used to verify our identities with a range of organisations including banks, credit card companies, utility providers and online providers of goods and services.

So, if this is the case, why do a third of Facebook users have two pieces of personal information, such as their date of birth or mother’s maiden name, on their public profiles? Worst still 27% of Facebook profiles contained three pieces of personal information. From our recent research only 1% of public Facebook profiles contained no personal information. Specifically 15% of users allow everyone access to their date of birth.

The situation is made worse by the fact that we all like to be popular. Amazingly a third of Facebook users – that’s over eight million people in the UK – accept friend invitations from people they have never met before. Amongst younger users the figure is even more alarming; with half of 18 – 24 year olds accepting friend requests from people they don’t know. This may explain why they have, on average, more than 260 friends. When we asked ‘why’, users were happy to accept requests if the person was good looking or appeared popular.

When we delved deeper and asked users if they trust all their friends, the results were worrying. Only 36% of Facebook users trust all their friends, and 81% of 18 – 24 year olds said they didn’t.

So, if this is the case, why do we freely share our personal information on social networking sites?

Is it simply because social networking sites exist to facilitate the open exchange of information? And are we blindly ignoring any consequences of sharing our personal information?

The situation is complicated by the fact that 6% of social media users claim to have been a victim of identity fraud from someone accessing their details from one of their online accounts.

You may think the motivation to share is down to a lack of awareness and understanding – unfortunately it isn’t. Half of those questioned (49%) said they were aware that it is possible to use personal information accessible on Facebook or other social networking sites in order to facilitate identity fraud.

The problem is, and here is the main concern. Most of us use personal information – available on our Facebook profiles, and as we have previously qualified, to often complete strangers who we don’t trust – to verify our identities or access our online accounts.

Because social media is here to stay and is only going to become more popular, we need to carefully consider the rules around personal verification. If we are going to be asked our date of birth, mother’s maiden name and place of birth, then either don’t publicise it online or change the verification questions.

Precautions to prevent online fraud

Some simple rules include using a unique password for every website, don’t post personal information on Facebook i.e. your date and place of birth, and regularly review your privacy setting so they meet your expectations and only your ‘real’ friends can access your profile page.

And perhaps we all need to go through a ‘de-friending’ exercise to remove those good looking and popular ‘friends’.

To find out more please read our blog about the amount of information revealed online through social networks.

Complacency means identity fraud continues to rise

National Identity Fraud Prevention Week

Monday marked the start of this years’ National Identity Fraud Prevention Week. With the subject of identity fraud in the media on such a regular basis you’d have thought the UK population would be both aware of the threat and the risks but also be taking steps to protect their identities.

However research commissioned by Fellowes found although 95% of the UK population are now aware of identity fraud, the number of victims is still rising. 7% of the UK population have been victims of identity fraud, equating to over 4 million people. The average cost of these incidents to each victim is £1,190, but some individuals have lost up to £9,000.

Statistics from CIFAS, the UK’s Fraud Prevention Service, support this research; reporting that the number of identity fraud cases declared to the authorities in the UK continue to rise, with over 80,000 reported in the UK so far this year.

CPP’s tips to help prevent identity fraud:

• If you've moved house recently make sure you instruct the Post Office to redirect your mail to your new address for at least a year. Notify your credit card company, bank, and any other organisations that you deal with as soon as possible.
• Make sure you shred any discarded bills, statements, wage slips or even junk mail that contain your name and address.
• Opt out of having your details available on the edited electoral roll can help to keep your details safe.
• Don't let your debit/credit cards out of sight.
• When online never type credit card numbers, passwords, or any other confidential information into a web site unless its address begins with https and the browser displays the "closed padlock" symbol.
• Register payment cards Verified by Visa or MasterCard SecureCode. It adds another layer to online security and makes it harder to fall victim to online fraud.
• Avoid carrying out transactions on public or shared computers.
• Also always check receipts against bank statements and contact their bank if concerned.
• When posting information on a social networking site, or your CV on a jobsite, don't include personal details such as your home address and date of birth.
• To protect yourself from online fraud make sure your antivirus software subscription is up to date, and that your computer is configured to automatically download and install any updates.
• Never write down your PIN or passwords as they can be used by criminals to commit acts of ID fraud.
• It is a good idea to vary your PINs and passwords, so that if you do happen to lose your wallet, it will be much harder for the PINs to be cracked. 
• Understanding your credit report is really important. It's one of the best ways to determine whether identity fraud has been committed against you. 
• Be wary of unsolicited telephone calls from banks, credit card companies and other retailers or financial organisations.
• You should never click on a link in an email from a company you don't recognised or one asking for your personal information. 'Phishing' is an email scam where a fraudster tries to trick you into disclosing personal details. 

You might also be interested in using our free online risk assessment tool to help you assess if you might have been a victim of identity fraud and give you advice on what you can do to reduce your risk.

CPP explains too much information is revealed online through social networks

Social Network Study Results

In the study from security expert, Jason Hart, which was commissioned by CPP, details including the name of the user’s first school (64%), employer (46%), dates of birth (25%), children’s names (25%) and favourite football team (17%) were found to be visible on many people’s Facebook profiles.

As the most active social media users, those aged 18 to 24 with a Facebook account are the most likely to publicise their personal information – and often to complete strangers. This age group has on average more than 250 friends but 81% say they do not trust all of their Facebook ‘friends’. Half (50%) have accepted a friend request from a total stranger and 9% would accept an invitation from someone they did not know if they were good looking or popular.

Users of all ages are putting themselves at risk of identity theft, one third (33%) of all those with a Facebook account admit to accepting an invitation from people they had never met before, with 38% confessing they don’t know everyone they are friends with on the site.

Friendship requests from strangers

Over half of the Facebook account holders questioned had received friendship requests from strangers. And despite recent media controversy around privacy and security on the site, one in twenty (6%) users allow anyone and everyone to see their entire profile which potentially puts them at increased risk of identity fraud.

Danny Harrison, CPP’s Identity fraud specialist is calling on individuals to not use personal information for online passwords or security questions.

“It isn’t a good idea to use personal information for passwords online. Sharing is the whole point of Facebook and other social media sites, so users are naturally going to promote their personal information online. The problem is this information could be used by fraudsters to reset passwords and access people’s online accounts. To compound the problem, there are tools available online that can capture keywords from a website, including a Facebook profile, and others which will trial variations of the identified keywords until a password match is found.”

Personal information most commonly used as passwords

1.    Interests
2.    Hobby
3.    Favourite football team
4.    Favourite football player
5.    Children’s names
6.    First school
7.    Pet’s name
8.    Dates of Birth
9.    The user’s name
10.    Maiden name

CPP’s top tips on protecting your personal data on social networking sites:

• Set a unique password for every website: Always create a unique password for each website you use
• Personal information: Ensure that you are not posting any personal information on Facebook  that can be used against  you,  for example date of birth,  mother’s maiden name or your email address
• Enforce two-factor authentications:  A number of web based applications and social networking sites now provide users with the ability remove the need for static passwords and allow them to enable two-factor authentication - removing the risks of your password being compromised
• Privacy settings on your social network profiles: Review the privacy settings on your social networks to ensure they meet your expectations. Social networks in general initially set privacy settings to defaults that allow anyone to view your information
• Don’t use personal information to verify your online identity: If possible utilise other information or codes to construct a password, and consider using false information when asked to create a security question and answer

Love thy neighbour? CPP research shows neighbourhood disputes are leading us to sell up and move on

Do you know your neighbour?

What sort of neighbourhood do you live in? A community-spirited one, where everyone knows each other’s names, where you can call upon your neighbours to take delivery of parcels, look after your pets, or maybe even your children? With many more people working long hours and having busy lives or living in neighbourhoods for shorter periods of time, this might not be the reality for many. So what do we really think of our neighbours’ actions and how good is your relationship with those relative strangers who live closest to you?  

CPP Conducts an Omnibus Survey

CPP recently conducted an omnibus survey of 2,000 people to understand the extent of neighbourhood relations and found some alarming figures about our relationships with our neighbours. Nearly a million Britons have been forced to move house as a result of a neighbour feud. The findings showed us that these escalating tensions have led one in twenty (5%) feuding neighbours to sell up or move out as a result of next door’s ‘bad neighbour etiquette’.
So what tops the list of neighbourly gripes? Perhaps unsurprisingly home and garden maintenance issues top the list of disputes, with more than a quarter (27%) of feuds due to people leaving their homes, gardens and streets in a state of disrepair. Other common causes of disputes include excessive noise (15%), arguments over boundaries (7%), stolen parking spaces (7%) and trespassing children (6%).

Although there are many people who do enjoy good relationships with their neighbours, the research also reveals nearly a third of Britons (27%) rarely speak to them. One in seven (14%) of us don’t know the names of the people living in our immediate vicinity. Although this is quite a sad statistic, it is now the reality for many neighbourhoods up and down the country, making it more difficult to overcome any issues.

If we don’t know our neighbours, and have not built this bond with them, then it makes it more difficult to settle any dispute amicably. According to the research, one in seven people (16%) have had a verbal argument with a neighbour in the past, and a small number of disputes (2%) have even ended in violence.

So what can you do if you have issues or disputes with your neighbours?

So what can you do if you have issues or disputes with your neighbours? Here are our top tips to avoid neighbourhood disputes in the first place.
Play your part – keep your garden and surrounding areas tidy and free of rubbish. This way people in your neighbourhood will respect you for showing them and their community consideration. In addition the police and the courts are more likely to take you seriously if you behave reasonably yourself.

Keep them updated – Make sure you keep your neighbour informed of anything that may disturb them – for instance building work or a house party. This will help maintain good relations between you and will encourage them to let you know of anything they’ve planned that you may find a nuisance. This will then often also avoid legal disputes particularly where there are legal duties and obligations to consider.

Lend a hand – Offer to pick up your neighbour’s papers and keep an eye on their place when they are away, letting them know that you’ll contact them if you see anything awry or suspicious near their house. This will let your neighbour know they can trust and rely on you, and they may also return the favour

Be a good neighbour yourself – If your neighbour is behaving erratically it might be because of something you’re doing – for example, insulation in a flat ceiling may make quite ordinary behaviour appear unreasonably loud to the flat below. Try talking to them about their issues and you may find out what’s wrong.

Invite them in – If there is a particular issue with your neighbour and you’re on speaking terms, try inviting them into your home so they can experience the issues you’re having and understand how it’s affecting you (how loud their music sounds in your house for example).

Purchase legal assistance – Products such as Your Law from CPP offer support, advice and guidance on a whole range of legal matters including employment issues, personal injury, parking fines, cowboy builders and how to return faulty goods. This will then also allow you to understand the law and to take a robust position if things do unfortunately go wrong.

Are you getting the legal advice you need?

As well as following some of our top tips, it’s important to know you are getting the correct legal advice before tackling any issue. It’s always worth speaking to your neighbours about any concerns you have before issues escalate and get out of hand. Knowing your legal rights and responsibilities, and being on the right side of the law, is always useful, however, as it could influence – and temper – what you say at the beginning.

Anti-social neighbours drive a million householders out of home

Nearly a million* Britons have been forced to move house as a result of a neighbour feud, according to new research.

Findings from life assistance company CPP reveal that escalating tensions have led one in twenty (5%) feuding neighbours to sell up or move out as a result of next door’s ‘bad neighbour etiquette’.

Home and garden maintenance issues top the list of disputes between neighbours, with more than a quarter (27%) of feuds due to people leaving their homes, gardens and streets in a state of disrepair. Other common causes of disputes include excessive noise (15%), arguments over boundaries (7%), stolen parking spaces (7%) and trespassing children (6%).

18% of Britons have been in a dispute with a neighbour

The research shows nearly a fifth (18%) of Britons have been in a dispute with their neighbours in the past year alone, with the findings suggesting that our difficult relationship with our street mates is the result of a communication breakdown between people.

Although there are many people who do enjoy good relationships with their neighbours, the research reveals nearly a third of Britons (27%) rarely speak to them. One in seven (14%) of us don’t know the names of the people living in our immediate vicinity. Consequently people are finding it increasingly difficult to settle disputes amicably. According to the research, one in seven people (16%) have had a verbal argument with a neighbour in the past, and a small number of disputes (2%) have even ended in violence. Feuding neighbours are instead turning to the authorities to solve the problems for them - close to a fifth of people (18%) have reported their neighbours to the police or local council.

Without a quick resolution arguments can easily escalate, with Britons paying out a collective £100 million2 in the last year alone in an attempt to rectify a neighbour dispute.

Do you have access to the right legal advice?

To help solve the problems between Britain’s feuding neighbours, CPP is calling on consumers to make sure they are gaining the correct legal advice. More than one in ten (12%) believe that having easy access to legal advice could help them solve a neighbourhood dispute.

Alasdair MacSporran, Head of Your Law at CPP said: “Our research tells us that getting on with the neighbours shouldn’t be taken for granted. It’s always worth speaking to your neighbours about any concerns you have before issues escalate and get out of hand. Knowing your legal rights and responsibilities, and being on the right side of the law, is always useful, however, as it could influence – and temper – what you say at the beginning.

“The deregulation of the legal services sector from 6 October 2011 will see many more companies offering simple, lower cost legal services directly to consumers – both online and on the high-street, which should benefit many people who have previously shied away from using traditional law firms to settle day-to-day and often easily reconcilable, disputes.”

CPP’s tips to avoid neighbour disputes

• Play your part – keep your garden and surrounding areas tidy and free of rubbish. This way people in your neighbourhood will respect you for showing them and their community consideration. In addition the police and the courts are more likely to take you seriously if you behave reasonably yourself.
• Keep them updated – Make sure you keep your neighbour informed of anything that may disturb them – for instance building work or a house party. This will help maintain good relations between you and will encourage them to let you know of anything they’ve planned that you may find a nuisance. This will then often also avoid legal disputes particularly where there are legal duties and obligations to consider.
• Lend a hand – Offer to pick up your neighbour’s papers and keep an eye on their place when they are away, letting them know that you’ll contact them if you see anything awry or suspicious near their house. This will let your neighbour know they can trust and rely on you, and they may also return the favour.
• Be a good neighbour yourself – If your neighbour is behaving erratically it might be because of something you’re doing – for example poor insulation in a flat ceiling may make quite ordinary behaviour appear unreasonably loud to the flat below. Try talking to them about their issues and you may find out what’s wrong.
• Invite them in – If there is a particular issue with your neighbour and you’re on speaking terms, try inviting them into your home so they can experience the issues you’re having and understand how it’s affecting you (how loud their music sounds in your house for example).
• Purchase legal assistance – Products such as Your Law from CPP offer support, legal advice and guidance on a whole range of legal matters including employment issues, personal injury, parking fines, cowboy builders and how to return faulty goods. This will then allow you to understand the law and to take a robust position if things do unfortunately go wrong.

Research Methodology

ICM interviewed a random sample of 2028 adults aged 18+ online between 15th – 16th June 2011.

Surveys were conducted across the country and the results have been weighted to the profile of all adults. ICM is a member of the British Polling Council and abides by its rules. Further information at http://www.icmresearch.co.uk

* According to research conducted for CPP by ICM, 5% of people who have had a dispute with a neighbour have moved house as a result. This equates to 914,000 people.

** According to the ICM research, the average cost to rectify a situation with a neighbour is £60.41. In the last 12 months, 3.550296% (4%) of people have had a dispute with a neighbour which cost them money - the total adult (18+) population in Great Britain is 47,400,000. 3.550296% (4%) of these equates to 1,682,840. 1,682,840 * £60.41 = £101,660,364

CPP develop free tool to understand credit report

Detect Identity Fraud

This week CPP Group Plc has launched a new free tool that shows how your credit report can be used to help detect identity fraud.

Many of us are now familiar with the term ‘credit report’ and if asked may be able to describe its use by financial institutions to check, amongst other things, credit history. But when it comes to it, would you know how to spot signs of identity fraud using your credit report?

In an attempt to increase public awareness of the importance of checking your credit report to uncover identity fraud, Life Assistance Company, CPP has  created a credit report demo. The tool allows users to flick through the pages of a sample report online and read through information on how to interpret the details your credit report holds, helping you to detect if identity fraud has occurred. Knowing exactly what to look for on your credit report could mean that you pick up on unusual activity quickly which could help stop identity fraud in its tracks.  

How can you find out if your identity has been stolen?

Many of us don’t know we’ve been a victim of identity fraud until it’s too late. One of the best ways to determine whether identity fraud has been committed against you is to regularly check your credit report. But what do you need to look for? With 15 different sections a credit report can be a tricky document to navigate and interpret.

Some of the advice covered by the tool includes:

• Check the ‘Aliases’ section of your credit report. If names appear that you don’t recognise it could be a sign that someone is posing as you
• If someone is listed that you don’t recognise in the ‘Financial associations’ section of your credit report it could be a sign of someone acting under your name
• Take a close look at the linked addresses detailed in your report. If an address appears that you don’t recognise someone may be using your name at another address
• In addition to checking your credit report there may be more you can do to limit the damage caused by identity theft.

CPP's tips to help prevent you from becoming a victim of identity fraud:

• If you've moved house recently make sure you instruct the Post Office to redirect your mail to your new address for at least a year. Notify your credit card company, bank, and any other organisations that you deal with as soon as possible.
• Make sure you shred any discarded bills, statements, wage slips or even junk mail that contain your name and address.
• Opt out of having your details available on the edited electoral roll can help to keep your details safe.
• Don't let your debit/credit cards out of sight.
• When online never type credit card numbers, passwords, or any other confidential information into a web site unless its address begins with https and the browser displays the "closed padlock" symbol.

For more tips on how to keep control of your identity take a look at CPP’s free sample credit report as well as other tools and information online.

When describing the new free tool, Michael Lynch, Identity Fraud expert at CPP commented “we want to do as much as possible to make sure that the public as well as our customers are taking necessary precautions to protect themselves from identity fraud. Credit reports are spoken about in the media a great deal nowadays but it’s not a simple document to understand. We’ve created this tool as a guide to help people understand their credit report and ensure they’re able to quickly identify possible fraud.”

How to avoid airport stress: stay calm, plan ahead and relax in airport lounges

You’ve squashed a week’s worth of your belongings into a suitcase, rushed to the airport in the middle of the night, and as you arrive, the screen flashes ‘Delayed’ or worse still ‘Cancelled’. Enough to make you feel stressed and ready more than ever for that holiday? Airport travel can certainly be stressful, so our recent poll tells us.

How many people feel stressed at the airport?

CPP looked into the issues of the stresses associated with airport travel and found out some interesting things about what Brits think about departing from airports for the annual trip away.

From the 2,005 people surveyed, 42 per cent said airports make them feel stressed and close to a quarter (23%) find the prospect of getting on to their flight as stress inducing if not more stressful than moving house! The problem has become so common that one in ten of us are now avoiding flying altogether as a result.

What’s even more interesting is that 2.9 million people have missed a flight in the past, with 20 per cent of us having had to run to the gate to catch a flight with just minutes to spare.

Why are airports so stressful?

So, why is airport travel so stressful? We worked with psychologist, David Moxon to investigate this further. He told us that it’s no surprise that airports can be stressful places; there’s potential for many different things to happen (and all outside of our control) which, when combined, make them particularly stressful places.

What’s more, if you’re on the way to the airport worried about whether you’ve remembered your passports, or if you really did lock the front door, you will consequently feel a little bit more stressed at the airport because you’re already harbouring all these anxieties. This is known as the ‘accumulation effect’ so the airport experience will just make these stressful feelings come to a head.

What can you do to avoid stress?

So, if reading all of this makes you feel a little bit stressed about your next trip to the airport, what can we do to feel less anxious about the whole experience? It’s all in the planning and about trying to remain calm, relaxed and in control as much as possible. 40% of those polled said having a quiet environment or access to a lounge (35%) would improve the experience of airport travel. If you’re lucky enough to be heading to the airport soon to go somewhere nice, take a look at our top tips for avoiding airport stress:

1. Choose your airport carefully. Bigger airports tend to be busier which can mean higher stress levels. So consider flying to a smaller, local airport to reduce transfer times and hassle.

2. Do as much as you can online beforehand. Many airlines now allow travellers to check in online up to forty eight hours beforehand, which can really reduce the amount of time spent queuing when you arrive at the airport. If you do choose this option, remember to print off your boarding pass.

3. Minimise parking time. Airport car-parks are huge and navigating them can be tricky, so consider dropping off all your passengers at check in and having one person park the car to avoid unnecessary stress.

4. Check in minimal luggage. With airlines increasingly charging for checked-in luggage, you can avoid queues and save cash by taking carry-on luggage where possible, especially for short breaks. This means you can go straight through to security and save time on the other side.

5. Opt for fast-track security. Some larger airports now allow passengers to pay for the opportunity to fast-track through the security gates. This can speed up the airport process and give you more time relaxing on the other side.

6. Take advantage of airport lounges. Airport lounges are a great way to relax and get that holiday feeling before boarding the plane – you’ll be guaranteed a seat and get complimentary snacks. CPP’s Airport Angel AirText service will even text you when your flight is boarding to ensure you get there on time.

7. Have a boarding strategy. If you have pre-booked seats it may be worth boarding last, meaning you can spend longer in the lounge and less time queuing at the gate. If you haven’t got pre-booked seats, think about getting priority boarding or leaving a little more time at gate to get to the front of the queue.

Poll reveals 50% of you find airports more stressful than commuting by car or train

In last week’s poll I asked which activity you find less stressful than travelling through an airport. I can reveal that 50% of you find the whole airport experience more stressful than commuting by car or train and 25% of you find it more stressful than family gatherings and 25% more than moving house.

This might be a surprise to some of you but it echoes the findings of CPP’s latest research.  CPP found that bad airport experiences have led to nearly four million travellers giving up flying altogether. What’s more over a third of Britons, who have flown in the past, now claim the airport experience is more stressful than the working week.

So why is the airport experience so stressful?

Well many of us Brits are worried about making it to the gate on time – over 2.9 million travellers have missed a flight in the past, while one in five of us have had to run to the gate, making our flight with just minutes to spare.

What’s more, one previous experiment using Heathrow airport saw holidaymakers’ heart-rates rise to a level equivalent to doing intense exercise. This was supported by CPP’s research, which revealed that holidaymakers, who had visited more than one airport, cited Heathrow as the most stressful, followed by Gatwick and Manchester.

What can be done to improve the airport experience?

Travellers have however come up with ways to make airport more pleasant – popular suggestions include less queuing, and cheaper and nicer food and more seats. 40% of travellers say a quiet environment would help reduce their stress levels, with 35% recommending access to an airport lounge to calm their airport anxiety.

Here are our recommendations for avoiding airport stress

1. Choose your airport carefully. By nature bigger airports are busier and therefore more stressful than smaller airports. So consider flying to a local airport to reduce transfer times and hassle.

2. Do as much as you can online beforehand. Many airlines now allow travellers to check in online up to forty eight hours beforehand, which can really reduce the amount of time spent queuing when you arrive at the airport. If you do choose this option, remember to print off your boarding pass.

3. Minimise parking time. Airport car-parks are huge and navigating them can be tricky, so consider dropping off all your passengers at check in and having one person park the car to avoid unnecessary stress.

4. Check in minimal luggage. With airlines increasingly charging for checked-in luggage, you can avoid queues and save cash by taking carry-on luggage where possible, especially for short breaks. This means you can go straight through to security and save time on the other side.

5. Opt for fast-track security. Some larger airports now allow passengers to pay for the opportunity to fast-track through the security gates. This can speed up the airport process and give you more time relaxing on the other side.

6. Take advantage of airport lounges worldwide. Airport lounges are a great way to relax and get that holiday feeling before boarding the plane – you’ll be guaranteed a seat and get complimentary snacks. CPP’s Airport Angel AirText service will even text you when your flight is boarding to ensure you get there on time.

7. Have a boarding strategy. If you have pre-booked seats it may be worth boarding last, meaning you can spend longer in the lounge and less time queuing at the gate. If you haven’t got pre-booked seats, think about getting priority boarding or leaving a little more time at gate to get to the front of the queue.

For the full article please click here.

So what makes airports such an inherently stressful experience?

The human stress response is designed to alert us to potential threats in our environment, such as vicious predators. Although our environment has changed fundamentally since the days when our species had to contend with harsh landscapes, this primitive mechanism remains with us today.

As well as the more obvious life-changing triggers such as the death of a family member, divorce or illness, minor daily irritants have also been shown to generate stress. These could include having an argument with someone, being late for an appointment or - one of the modern day stress minefields - travelling through a busy airport.

A recent study from CPP has revealed that 42% of people say they encounter airport stress, with more than a third of people who have flown now saying that the airport experience is more stressful than the working week.

So what makes airports such an inherently stressful experience?  There are clearly many contributors to airport stress but the main factors are:

Lack of control

When people believe they are in control of a situation they can manage stressful events far more effectively. However, when you are travelling through airports, feeling unsure about what might happen next is common and this sense of being out of control is what leads to increased anxiety.

Experiencing a lack of control is not unique to air travel, but combined with flight delays, fears of running late or missing the flight altogether, the airport experience can quickly become ‘un-empowering’ for individuals.    

Indeed the CPP survey data suggests that the largest contributors to airport stress (flight delays, mislaid belongings and getting to the gate on time) all relate to a sense of ‘lack of control’. 

Busy environment

Busy environments can be unpredictable and produce a feeling of ‘sensory overload’. If faced with an unexpected large group of people we feel overwhelmed. Airports deal with a very high density of people and are arguably some of the busiest places we will ever experience. Combine this with delays, queues and inadequate waiting areas it contributes to a highly stressful time.   

Heathrow is the largest UK airport and the biggest international airport in the world, with over 62 million passengers passing through each year.  It is therefore not surprising that Heathrow was cited in the CPP research as the most stressful airport in the UK.

Time deadlines

Another feature that initiates the stress response is responding to time deadlines.  Combined with the size and business of airport terminals, time urgency frequently becomes an amplified factor for flyers.

Indeed the CPP research showed that 37% of flyers reported anxiety due to worries of running late.

‘Accumulation effect’

Stressors have a habit of accumulating, resulting in new stressors appearing before existing ones have been resolved.  For example, if you are anxious the night before travelling (perhaps worrying about your flight or going to an unfamiliar destination) this anxiety can be exacerbated if you experience stress at the airport the following day.  If people are in a state of high arousal already, hassles at airports can compound their stress.  

So how is the impact of stress felt? One of the major issues with the stress response is that frequent exposure to stressors (known as chronic stress) has been linked to cardiovascular problems and immune system suppression.  If people regularly fly and are exposed to delays, queues, time deadlines and they perceive these as frustrating, this potentially is going to have a harmful effect on their health.

Poll - which of the following do you find less stressful than travelling through an airport?

Whether you’re a frequent flyer or only travel once a year; many of us suffer from airport stress. From flight delays and mislaying belongings to getting to the gate on time, all these airport events add to our anxiety levels. 

This online poll is designed to discover what percentages of people suffer from airport stress and what other forms of transport they find less stressful. With the results CPP hope to narrow down what the source of airport stress is and how it can be prevented through airport lounge access and other amities.

Take part in our latest poll to tell us what you think....

 

The results have been collected and we have written an extensive report about our findings. You can find our report here or take a look at the other CPP blogs.

Is futuristic airport security on its way?

The latest in airport security was unveiled last week at the International Air Transport Association’s (IATA) annual meeting.  The unveiling of the ‘Checkpoint of the future’ will change airport security process and make it more efficient – so no more boring queues!

Travematch.co.uk explains, “This next generation check-in system will funnel fliers through a new streamlined security system, this will mean quicker check-ins for most travellers.”

Whether you’re a frequent flyer or only travel once a year everyone will benefit from this new form of security check-in.  With 3 check-in tunnels, passengers will be scanned as they walk through with no need to remove belts, shoes or any other items of clothing or even unpack handbags or carry on bags.

Going straight from check in through to the departure lounge with ease is something of the future… but will the ‘Checkpoint of the future’ bring this to us?  There’s only one way to found out! From 2012 this will start to be rolled out in UK airports.

A good customer experience is something UK airports are striving for so the introduction of a faster way to get through airport security will be welcomed by most.  Those travellers who have airport lounge access already enjoy a stress free wait for the flight – now they can look forward to a hassle free way to check-in.

For more information on airport lounge access to enjoy a hassle-free wait before you fly visit our Airport Angel lounge page!

For further information about this blog post visit: http://www.prnewswire.com/news-releases/travelmatch-checkpoint-of-the-future-to-ease-airport-stress-123796629.html

Hacking isn’t going away!

Cybercrime is increasingly in the news, with the latest revelation being the hacking on the IMF (International Monetary Fund).  People have been hacking for years but the fact these cybercrime stories seem to be in the media everyday and are affecting just regular people makes me think we all need to sit up and take notice!

The latest news story involving the IMF reveals this hacking has been going on for a few years, with the FBI now looking into it.  

In the news only a couple of weeks ago was the Sony story - Playstation customer’s details being taken and the risk of their identity being stolen was rather shocking – how did the hackers get in and get so much information?!

CPP looked into how easy it is to learn how to hack with a live experiment recently and revealed there are more than 20,000 videos dedicated to hacking just on YouTube.

With this amount of video’s online, surely the number of people learning to hack will increase? Why are those types of video allowed to access so easily?

Not only is it important to know about the latest online scams and threats, you also need to know how to protect your identity. So here are some top tips to avoid being hacked, whether this is your home network or your work network, make sure it’s secure:

1.    Change your passwords regularly - the longer and more obscure, the better
2.    Leave a website if you notice strange behaviour (unknown certificates, pop-ups etc.)
3.    Avoid transmitting sensitive data over public (free or otherwise) Wi-Fi
4.    When seeking Wi-Fi connections: know who you are connecting to, be wary of free Wi-Fi access
5.    If using a smartphone: disable Wi-Fi ‘auto-connect’
6.    If you are concerned about identity fraud, consider purchasing an identity fraud protection product to help you detect, prevent and resolve any incidence of the fraud.
 

For more information on how hackers targeted the IMF visit: http://www.thisismoney.co.uk/news/article.html?in_article_id=536840&in_page_id=2#ixzz1P9038AAI

Family airport lounges… coming soon?

A recent survey by Skyscanner has revealed the lack of facilities at airports for families.

Of the 1,000 people surveyed, 73% said the lack of facilities for families in airports caused stress which had an impact on the overall holiday experience.

Queuing was also highlighted as a bug-bare, with 51% saying it was the worst thing about airports.  

Traveldailynews.com reported: “The services that families would most like to see offered were (in order of popularity):

1. soft play areas

2. kids TV/cinema area

3. play area with toys and books for under-fives

4. dedicated security queue for adults travelling with children

5. ‘kids cafe and bar’ with complimentary refreshments

6. bottle-warming facilities

7. video game zone

8. staffed creche

9. ball pool

10. pram rental

11. pre-order baby food service

12. storytelling

Airport lounges do offer a stress free atmosphere, complimentary refreshments and a chance to escape the crowds, but can families use them? Dedicated family lounges would be ideal, even if they had a kids TV area and complimentary refreshments, I’m sure many families would be grateful!

What do you think?
 

Poll - how accessible is hacking?

Yesterday we revealed that people can learn how to hack into someone’s account in less than 15 minutes. In a controlled ‘classroom’ experiment, a small group of volunteers with limited technological knowledge followed a online tutorial using a ‘man in the middle’ technique to hack into a computer network and obtain each other’s login details.

Following this we ask:

Live experiment shows people can learn how to hack into someone’s account in less than 15 mins

Cybercrime still rife

Have you heard the one about the criminal in the internet cafe? Someone sits next to him, gives him their credit cards, and all of their passwords. They also give him the addresses of all their friends and family, for good measure.

Lucky criminal, right? Actually, he’s just committed a very simple and frequent crime.

While using unsecure internet connections, millions of victims are unknowingly showcasing their most private and valuable information – and they have no idea who’s watching.

Hacking is a teachable technique

Firebrand Training recently demonstrated for CPP how easy it is to teach anyone how to hack. This technique can be – and has been - used to steal millions of pounds from unsuspecting victims. The hacking technique is called a ‘man in the middle’ attack.

In simple terms, it places the hacker between the unsuspecting victim, and what he or she is viewing on the internet. This means that every piece of information that the victim sends or receives, passes via the hacker. Credit card details? Yes please. Passwords? These too.

This is made possible by a piece of software, freely available to download. When the hacker runs the software, he collects the victim’s usernames and passwords in clear text on his screen. These details can be used by the hacker, to log-in to the victim’s email or online shopping account, either then and there or at a later date. You can guess the rest.

Not only is this software readily available, but there are also hundreds of thousands of tutorial videos online. The beauty of the internet.

So how quickly can you become a hacker?

It took us just fourteen minutes to teach members of the public to become hackers (they signed a disclaimer saying they wouldn’t use their new skills for illegal or malicious attacks).

Hacking can threaten us every day of our lives – but not only when we’re sat in front of a PC. From accessing Wi-Fi in a coffee shop or checking emails on a smartphone, through to playing on a games console at home - there’s someone out there who’s learning how to get closer to your personal information.
Worryingly, it’s the major organisations that are often leaving themselves exposed to these kinds of attacks. Many companies, of all sizes, continue to leave their network visible to potential attackers by using pre-set security settings and inadequate passwords. That’s why there are also ‘ethical hackers’ out there. The cyber super hero. These Certified Ethical Hackers are trained to use the tools of a hacker. To think like a hacker. They help organisations pre-test their own systems for potential weaknesses that could be compromised by a hacker.

How to protect yourself from hackers

There are a number of steps people can take to protect their information from hackers:

• Change your passwords regularly - the longer and more obscure, the better
• Leave a website if you notice strange behaviour (unknown certificates, pop-ups etc.)
• Avoid transmitting sensitive data over public (free or otherwise) Wi-Fi
• When seeking Wi-Fi connections: know who you are connecting to, be wary of free Wi-Fi access
• If using a smartphone: disable Wi-Fi ‘auto-connect’

Remember the Golden Rule - unless you know your connection is secure, do not communicate any information or data that you wouldn’t feel comfortable shouting across a crowded room.


 

CPP reveals the extent of online hacker tutorials

People can learn how to hack into someone’s account in less than 15 minutes findings from a live investigation revealed.

 

Extent of online hacker tutorials revealed

Hacking – the accessible art

Ever wondered how hackers learn their trade?

Would it surprise you to learn that there are over 20,000 videos on YouTube alone that are devoted to hacking? And that the most popular of these video tutorials have millions of views?

You may think that as long as you have up-to-date anti-virus software that you would be safe online, but these tutorials are designed to teach users how to hack numerous online accounts including social media accounts, secure online payment systems and smartphones. There are 6,000 videos on how to hack Facebook alone.

The average duration of these videos is three minutes and the most popular of these videos tend to be under three minutes long.

Although there are a variety of hacking tutorials available two distinct techniques have been identified – ‘man in the middle’ and ‘SQL injection’. A specific search for ‘man in the middle hacking’ returns over 1,000 videos with the most popular video viewed more than 200,000 times.

‘Screencast’ videos are being used more and more as they are accessible and easy-to-follow because they demonstrate exactly what the user sees in their own screen. The viewer needs only to replicate what they see online and they have become a hacker. It is unnerving to see that this video has been viewed more than half a million times.

The other common form of hacking video – SQL injection – exploits a weakness in a website that allows the hacker to deliver a specific line of code that causes the website to inadvertently reveal information from its database.

Although these hacking tutorials provide a fast introduction to hacking, they are not for the seasoned professional. There are online communities with thousands of contributors where the science of hacking is constantly evolving. The beauty and danger of the internet means that these communities are easily found.

How effective are hacking videos?

Looking to test the effectiveness of this content, CPP recruited a small group of volunteers in a controlled experiment to see if they could use an online tutorial. After signing a disclaimer saying they wouldn’t use the information for illegal or malicious attacks they were taken through a ‘man in the middle’ technique using Cain and Able software. The tutorial used a Screencast technique so as they were taken through the presentation they were also undertaking the hack themselves. From the beginning of the lesson to the point each volunteer was able to intercept another member’s of the group passwords took 14 minutes.

When we broadened the investigation and asked the general public their views on the issue, over seven million people in the UK claimed to have had their password-protected accounts accesses without their permission.

Asked if they were concerned about the potential for unauthorised access, most people said they were concerned and an overwhelming majority (87%) do not want this type of information online. Many thought it increased the risk of identity fraud and wanted the Government to take action to remove this type of content. Only 1% of people thought ‘hacking’ tutorials were ‘light hearted fun’ and nothing to worry about.

As the Sony data breach has recently shown, it is important for both businesses and consumers to keep anti-virus and firewall software up-to-date and change passwords regularly. To ignore this, puts us all at risk.

Poll: Has your social networking profile ever been hacked?

Social and professional networking sites are a great way of connecting with friends and like minded people. However with so much of our lives spent online, it's easy to lose track of just how much information about you is out there on such sites, which could potentially be used by criminals looking to steal your identity.

Following the news that access to hundreds of thousands of Facebook accounts may have accidentally been leaked because of a flaw in some applications, we ask:

Don't forget - think carefully about adding too much personal information on social networking sites including your date of birth, maiden name, place of birth – this information could be used by a fraudster to commit identity fraud using your personal information.

A new identity costs less than £250!

I think it is pretty much accepted you can buy just about anything on the Internet these days. The same used to be said about London department store, Harrods, but the Internet would win hands down these days.

There’s no doubt the Internet has changed our lives, and mainly for the good. There are however a number of downsides to the Internet which are well documented. We all know that the Internet can be used to steal our identities – fake websites, phishing e-mails and malware are all used to capture our personal and financial information, but recently the proliferation of online sites trading false identifying documentation has increased rapidly.

To look at this in more detail, CPP purchased a selection of documents that were positioned as ‘novelty’ or ‘replacement’ documentation. The fact that these ‘novelty’ items cost hundreds of pounds makes their intended use questionable in the very least.

So what did we find?

From one site, and I won’t reveal the URL for obvious reasons, we purchased:

• a driving permit,
• bank and utility statement and
• European work permit for £210

As part of our investigation we acquired an international driving permit for just £40 and a European work permit for a mere £10.  A ‘package’ including bank and utility statements and a PAYE coding notice was only £160.

Needless to say we offered this information to the Police, who, perhaps overwhelmed by the amount of this information online, the ambiguous jurisdiction of the Internet, declined to take receipt or investigate further.

The quality of the documentation was good and could enable the holder to potentially open bank accounts, apply for credit loans and loans, mobile phone contracts and other goods and services in the victim’s name.

As well as ‘novelty’ or ‘replacement’ items being available online, fraudsters or opportunistic criminals can also access personal information from a variety of other sources including social networking sites such as Facebook to the more traditional Births, Marriages and Deaths records. Previous research from CPP has shown online channels are a particularly good source of information with 87% of Britons providing their date of birth online, 20% their national insurance details and 45% their credit card details.

The results of this investigation show that documents are out there and available to buy at a relatively low cost.  Contrary to what some commentators say in the media, identity theft is widespread and there is no guarantee that your identity will not be stolen. Recent tragic events overseas including the earthquakes in Japan and New Zealand show that fraudsters are quick to exploit the current news agenda as well as the latest technology to defraud people.

But there are practical steps people can protect themselves. People need to think of their identity as a valuable commodity with a financial value and get into the habit of regularly accessing their credit reports, being careful about disclosing their personal information online or to unsolicited phone calls and e-mails, and closely scrutinising their banks statements for any unusual transactions.

In spite of all the media coverage and calls for people to safeguard their personal information, the National Fraud Authority estimates that every year identity fraud costs more than £2.7 billion and affects 1.8 million people in the UK. 

To find out more about the audit CPP undertook view our news page, CPP News.

Millions hit by Sony data breach

As predictable that night follows day you can be sure that identity fraud is not going to go away and the latest data breach involving Sony PlayStation is a clear sign that fraudsters are as inventive and industrious as ever.

Attacking Sony’s PlayStation Network, fraudsters are estimated to have obtained sensitive personal and financial data of over 70 million customers worldwide including three million users in the UK. The data loss ranks as one of the biggest data losses to affect individuals and easily exceeds the loss by HMRC of all Child Benefit records affecting 25 million individuals and 7.25 million UK families in November 2007.

What makes this data breach potentially so serious, however, is the amount of data that has been stolen. Sony’s blog that first reported the data breach says:

• the name
• address
• country
• e-mail addresses
• date of birth
• password
• login details - of its PlayStation Network and Qriocity service user accounts have been obtained.

Furthermore, it is possible that credit card information may also have been stolen. Experts have described the security breach as a “nightmare” scenario, which could leave millions of PlayStation users open to identity and credit card fraud.

What this data breach tells us is that consumers cannot guarantee that their personal data will not be stolen. And because of this consumers must consider and treat their identity as a valuable commodity. This will require a significant, but necessary shift in attitude for many people who hitherto have consciously decided to stick their ‘heads in the sand’ and hope identity fraud won’t happen to them.

Undeniably few sensible people would leave the key in their car’s ignition, carry thousands of pounds on their person or leave their front door unlocked, but neglecting to manage our identities is akin to financial negligence. This latest data breach is a clear warning that we all have to proactively engage in detecting identity fraud through:

• monitoring our credit reports
• interrogating our bank statements
• being careful about the disclosure of sensitive and personal information either online and to any unsolicited e-mails and phone calls.

In the UK, according to the Information Commissioner’s Office there were 603 self-reported data breaches – where information has been disclosed or lost – between 6 April 2010 and 22 March 2011 (source: CRN 27 April, 2011); clear evidence that we cannot guarantee our identities will not be stolen or compromised by events outside our direct control.

If you are one of those affected by the data breach one of the first actions you should take is to change your passwords and usernames if you are in the habit of using the same access details for different online accounts – access to one could mean access to all and open up a whole host of problems.

Beyond this immediate action, the proactive management of people’s identities has to become a priority to ensure our exposure to events such as this is limited and properly managed. The provision of identity protection products that help people to do this would seem more relevant than ever and address a real and pressing consumer need.

For more information visit the CPP website to find out more about identity protection.

Poll: What smartphone do you own?

We recently came across an article which we covered in our media monitoring blog posts on how Android phones have overtaken the iPhone (view the article here: Is the iPhone really losing out to Android?).

We're interested in finding out what smartphone you use in your everyday life - it doesn't matter if it’s a work phone or not!

Take our poll and we'll report back in a week or so to see if the iPhone is really losing out to the Android mobile device...

Is the iPhone really losing out to Android?

This week’s media monitoring roundup looks at how the iPhone is losing out to Android mobile phones, how cybercriminals are targeting smartphones and social networks, and finally how a data breach by US marketing firm Epsilon affected M&S customers in the UK.

Media monitoring: 4th April – 10th April 2011:

iPhone losing out to Android mobile phones

If you thought the iPhone was the top smartphone in the UK you’d be wrong. That crown goes to the Android, which is operated by Google. If you’re unsure of what a smart phone is, these are mobile phones that offer advanced functions which may normally only be found on a PC such as email and the internet.

Recent research by YouGov revealed the following market share of mobile phone operating systems:
•    Android = 28%
•    Apple = 26%
•    Blackberry = 14%
•    Symbian = 6%
•    Windows 7 = 5%

To find out more information about this survey view the article here: http://www.expertreviews.co.uk/mobile-phones/1283935/android-now-more-popular-than-iphone-in-uk

What phone do you use? Take our poll and we’ll conduct our own survey on the most popular smartphone!

Find out more about gadget news here: http://blog.cpp.co.uk/index.php/articles/category/gadget
---

Criminals targeting mobile devices and social networks

The latest report on cybercrime has been released by Symantic. It explains how smartphones and social networks are highly likely to be the next big target for cybercriminals.

The BBC reports: “Users of Facebook, Twitter and Google's mobile operating system, Android, are said to be particularly vulnerable…  However, the number of attacks remains small compared to other online crimes such as e-mail phishing.”

We revealed figures from the UK Government in February showing just how much cybercrime costs the UK, view our media monitoring post Mobile and gadget articles dominate the news and Cybercrime costs are revealed

To find out more about how you can be protected view our blog post, Are you sharing more personal information than you realise?
For more information about the report from Symantic visit: http://www.bbc.co.uk/news/technology-12967254
---

M&S customers caught up in e-mail hack

Marketing firm Epsilon who Marks and Spencer use to send emails to their customers was hit by a security breach last week. The data breach which happened on 30th March 2011, affected 2% of Epsilon clients.

An email sent by M&S to some of its customers reads, "We have been informed by Epsilon, a company we use to send e-mails to our customers, that some M&S customer e-mail addresses have been accessed without authorisation."

M&S stated in their email that customers may receive an increase in spam mail or Phishing as a result of the data breach at Epsilon, and pointed out that personal information was safe and had not been accessed or deemed at risk.

Are you an M&S customer and have notice an increase in spam emails? Get in touch! We’d like to know whether you have been affected.

For more information on the data breach at Epsilon visit: http://www.bbc.co.uk/news/technology-12983177



 

The Epsilon data breach – what does it mean to me?

There doesn’t seem to be a week that goes by without there being a report of a data breach in the press.  One such breach of US marketing firm Epsilon resulted in millions of live e-mail addresses being stolen. Does the fact Epsilon said the only information stolen was e-mail addresses and an associated customer name and no other personal identifiable information make you feel any better?

Well, it might make you feel better but criminals often use this data in targeted Phishing attacks.

So what actually is Phishing?
 
Phishing is a way of attempting to get sensitive information by email or instant messaging.  Fraudsters try to obtain usernames, passwords and credit card details by pretending to be a trustworthy source such as social web sites, auction sites, online payment processors or IT administrators. The emails are made to look like they are from the real company and they will include links to websites which may look exactly the same as the real site.

Targeted versions of phishing have been termed spear phishing. Several recent phishing attacks have been directed specifically at senior executives and other high profile targets within businesses, and the term whaling has been coined for these kinds of attacks.

Social networking sites are now a prime target of phishing, since the personal details in such sites can be used to commit identity theft. Sites like LinkedIn have been used in spear phishing attacks.
 
What do you do if you receive an email you suspect as a Phishing email?
 
The key thing is to be suspicious of all unsolicited or unexpected emails you receive, even if they appear to originate from a trusted source – the best examples of these emails are very realistic! Please be aware that the emails may not just come from your bank, but from numerous sources including social networking sites.
 
Do not click on links from emails unless you know that you should have received the email.
 
http://banksafeonline.org.uk/phishing_explained.html
 
P.S. you didn’t click the link did you?
 

Is identity fraud an issue?

Is Identity Theft Insurance worth it?

There has been a lot of news in the media recently about identity theft and whether identity theft insurance is a worthwhile purchase.

One of the claims is that identity fraud isn’t as big a problem as many organisations allege and therefore the insurance isn’t necessary.

I’m not going to discuss the latter – you can draw your own conclusions, but I am going to present you with the evidence that identity fraud is a serious issue and that consumers do need to take preventative measures, whatever those measures are.

So is identity fraud a big problem?

The short answer to this is ‘yes’. Figures from the National Fraud Authority (NFA) estimate that every year in the UK identity fraud costs more than £2.7 billion to the UK economy and affects over 1.8 million people. To put these figures into perspective, the 2009/2010 British Crime Survey reported an estimated 659,00 domestic household burglary incidents in England and Wales (July 2010). So we have more than twice the number of identity fraud victims than burglaries. The Home Office website http://www.identitytheft.org.uk/default.asp  states that "if your identity is stolen, you may have difficulty getting loans, credit cards or a mortgage until the matter is sorted out.”

Annually at CPP we resolve around 6,500 cases of identity theft; victims who need our expert help to prove the fraud, clear their credit file and allow them to get their lives back on track. We also take hundreds of thousands of calls to our helpline and issue tens of thousands of credit alerts to consumers informing them of significant changes to their credit files allowing early intervention to stop potential identity fraud. One of the easiest ways to spot identity fraud is to monitor your credit status, but you have to do this on a regular and sustained basis as it’s only a ‘snapshot’ in time. Our proactive credit alerts inform policyholders to any changes in their credit status, so nothing untoward is missed.

So what type of identity fraud do we commonly deal with?

The most common form of is account takeover. Typically this is where a customer’s financial, online or mobile phone account is taken over and used. Financial account takeover often involves funds being removed from accounts either by direct debit, payments or transfers being set up without the customer’s consent. For mobile phones, this involves upgrading an existing account for the phone or adding additional handsets.

Other types of identity fraud are fraudulent applications for credit cards, loans and mobile phones using the victim’s identity that are used to accumulate large amounts of debt. Catalogue fraud is also common; this is where goods are ordered and the victim is charged, but never receives the goods.

Less common forms of identity theft, but fraud cases we do nevertheless help resolve on behalf of our customers include false bank accounts, benefit fraud, mortgage applications and car lease applications.

Some final tips on Identity Fraud

Finally one of the messages regularly reported in the media is that under the banking regulations consumers will be covered for financial losses provided they have not been negligent. This is true for fraud on their existing current accounts or credit cards, for example, a fraudster steals £5,000 from your current account through a skimming attack. The bank is required to reimburse those losses as long as you haven’t been grossly negligent

However, it is important to note that it is not always so straightforward for new lines of credit fraudulently obtained under someone’s identity. If a fraudster obtains credit, for example, a payday loan, store card or offshore loan, or goods and services including mobile phone contracts or catalogue purchases, the theft of the individual’s identity gives the creditor a ‘prima facie’ case – evidence that is sufficient to raise a presumption of fact or establish the fact in question unless rebutted – against the customer. In this situation the credit provider would treat the customer as liable for the debt until the customer could prove otherwise.

If the creditor looked to enforce the debt, it would be up to the customer to produce evidence to the contrary to persuade the creditor that they had been a victim of identity theft and not liable for the debt. The practical reality of the situation is that the victim is liable unless they can establish their innocence. Our Identity Protection product helps victims do this via the expert caseworker service. With some victims having multiple lines of credit taken out under their stolen identity this can be extremely time consuming and stressful.

It is clear identity fraud is a problem. The increasing use of wireless networks and smartphones that hold increasing amount of personal and sensitive financial information will undoubtedly present the fraudster with more opportunities to commit fraud. Recent media stories about apps being infected by malware including the ‘DroidDream’ which can take command of a mobile handset and send personal details to a remote server, show personal data stored on a handset is just the latest technological innovation open to exploitation. Furthermore the source code for the Zeus malware – a computer virus responsible for a number of high-profile infections since 2007 – has been put up for sale with a $100,000 price tag by its creator threatening to unleash a host of new Zeus variants that need to be identified and blocked.

In light of this and many other examples, consumers do need to take protective measures to manage their identities and safeguard their personal information.

Google to embed mobile payments in Android phones and Smartphone security threats to tackle!

News articles from 28th March to 3rd April have brought up a variety of stories surrounding mobile payment technology, a Mozilla security breach, threats concerning smartphone security and new luxurious airport lounges.

Find out more about related news below:

Google moves into contactless mobile technology

In a bid to boost its advertising business, search engine giant Google is teaming up with Mastercard Inc and Citigroup Inc, to embed a mobile payments system in android mobile devices.

The Wall Street Journal explains “The planned payment system would allow Google to offer retailers more data about their customers and help them target ads and discount offers to mobile-device users near their stores…. Google isn't expected to get a cut of the transaction fees.”

NFC (Near Field Communication) contactless technology is said to be utilised in the Nexus S handset reveals The Telegraph.

---

Mozilla silence over SSL security breach

The theft of SSL certificates and security breach on internet browsing company, Mozilla on 15th March 2011 was not disclosed to Mozilla users, reveals v3.co.uk.    This security breach meant that an attacker obtained 9 fake SSL certificates which have since been revoked.  

V3.co.uk quoted Mozilla’s security team blog on their website: "In early discussions, we were concerned that any indication that we knew about the attack would lead to attackers blocking our security updates as well".

(SSL is a security certificate which enables websites to send secure information through internet browsing, email and instant messaging for example.)

---

Smartphone security threats

The uptake of smartphones has been a huge success; however the delivery of software to protect the smartphone has little to be desired, Help Net Security’s article stated: “the security industry has been slow in recognizing the threat to such devices”.

Products and services that are designed to enhance security of smartphones are only now coming to the forefront.  It is important for smartphone users to be aware of the risks of using unsecure networks or disabling anti-virus software on their mobile phone.

Would you go on a laptop without anti-virus? Make sure you connect to secure WiFi networks, check out our Wi-Jacking story to find out more about WiFi safety.

---

Heathrow T3 Super Lounge to feature pod style bedrooms

The new T3 super lounge at Heathrow airport will put a whole new spin on airport lounges! En-suite pod style bedrooms offered at the Heathrow Airport lounge will be available this summer.  

Heathrow Skyport reveals “The new No.1 Traveller flagship lounge will offer a 'broad and innovative range of facilities' for departing and transferring passengers”.

Airport travel is becoming more luxurious than it ever has been before, and with the stress of being in an airport, this type of ‘super lounge’ with spa, games room and other luxurious facilities will be a highlight of a journey and not something you may dread!

---

Mobile payments to be rolled out by Samsung and Visa

Samsung are to launch an Olympic-branded handset which will include a mobile payment service using NFC (Near Field Communication) technology.  The pre-loaded Visa App will let users pay for items using their mobile phone.

New Media Age (NMA) explains, “Visa mobile payment app users can select ’pay’ and hold the phone in front of a compatible contactless reader to make a purchase.

NMA continue, “The app, which has yet to launch, will withdraw payment from a registered bank account and will work with contactless payment terminals already on the market.”

The launch of the Samsung mobile phone with Wave and Pay technology has yet to to be confirmed. Look out for more updates on Wave and Pay mobiles!

---

CPP contests FSA concerns over Identity Protection product

CPP recently suspended the sale of the Identity Protection product which included credit score monitoring, alerts on your credit file, caseworker access and more, explains the York Press.

The suspension comes as the FSA looked into some of the calls from the call centre, Shaun Parker, CPP’s Chief Financial Officer said: “The FSA maintain that in some of our sales calls there’s some confusion over whether the insurance covers the actual fraud”.

Shaun continues, “We have listened to the same calls they have sampled and we don’t agree with that so we’re in discussions with them about that particular point.”

To find out more information about identity protection, visit our pages on blog.cpp.co.uk or http://www.cppgroup.com/.

Corporate data at increasing risk from hackers

A recent study by security company, McAfee, reported that the intellectual property and business secrets are increasingly becoming targets for cyber thieves.

Corporate data hackers have been found to be making deals for trade secrets, marketing plans, R&D reports and source code.

Raj Samani, chief technology officer in Europe for McAfee, said thieves were running campaigns to get at particular companies or certain types of information.

The McAfee report cited cases in Germany, Brazil and Italy in which trade secrets were either stolen by an insider or cyber thieves tried to get hold of via a targeted attack.

In some cases companies were making the hackers jobs easier by not adequately censoring information about their culture or structure that was revealed in emails and other messages. Such information could prove useful for thieves mounting "social engineering" in which they pose as employees to penetrate networks.

Defending such threats is difficult because thefts of intellectual property or key documents are difficult to detect.

The report comes after a series of incidents which reveal how cyber criminals are branching out from their traditional attacks of spam and viruses.
2010 saw the arrival of the Stuxnet virus which targeted industrial plant equipment and this year we’ve seen targeted attacks on petrochemical firms, the London Stock Exchange, the European Commission and many others.

In order to keep the trust of their customers and avoid attracting the attention of regulators; McAfee urged companies that are moving to cloud-based services to work harder to ensure they know who looks after their data.
 

Mobile payments and security breach at TripAdvisor and more!

Last week in the media: Blackberry announced a new security backup application.  A security breach at TripAdvisor meant some email addresses were stolen.  

Mobile payments platform Zong expands from HTML and Android to Flash and games consoles.  Plus, Guardian blogger Mike Milmotte got caught out by Gmail advertisement and lost £2,000!


Blackberry Protect coming soon!

A new security back-up application has been developed by research in motion: Blackberry Protect.  This free app is for BIS customers which allows them to wirelessly backup, restore and remotely locate their smartphone.  

This app also allows information such as contacts, texts and bookmarks to be stored securely on your Blackberry.  Plus, Blackberry Protect allows you to remotely disable your Blackberry (according to Know Your Mobile).

In relation to data protection, making sure your phone is more secure reduces the risk of identity theft if your phone is lost or stolen.  


-
TripAdvisor caught out by security breach

Email addresses stolen by an unauthorised third party through TripAdvisor would only be affected by spam emails according to Steve Kaufer, Co-Founder and Chief Executive of TripAdvisor.

The security issue was located and closed but not before the unauthorised third party got hold of some email addresses.  Travolution reported Kaufer as saying: "I'd also like to reassure you that TripAdvisor does not collect members' credit card or financial information, and we never sell or rent our member list.”

“TripAdvisor has promised to continue working to keep its customers personal information secure and Kaufer has apologised for the breach.“
 

-
Mobile payments platform Zong expands

Mobile payments platform Zong, is expanding its platform for mobile payments to any mobile phone.  Developers can now utilise Flash, Unity, Interactive TV, games consoles and more.  Previously developers could use only HTML and on Andriod

To find out more about Zong and its mobile payments platform view the link.

Paying for an item on a mobile phone is something we wouldn't have considered a decade ago, but technology such as Zong and NFC (Near Field Communication) is bringing it to life.

Look out for more of this type of information coming out over the next 6 months.


-
Gmail advertised scam site

An online advert from a scam website advertised within a Gmail (Google email) account cost Guardian blog writer, Mike Milotte to lose £2,000 on a camera from a scam website.

As embarrassing as it was to admit to this type of deception Mike found that when he started to report this fraud, there was very little help out there.  

Just remember, if an offer is too good to be true – it often is, and you should use a credit card to pay for goods as there is a greater chance you will get your money back.

Poll: Ever been in need of legal advice?

With the announcement of Government funding cuts resulting in the closure of branches of the Citizens Advice Bureau (CABs) up and down the country we’ll all have fewer places to turn when we need impartial legal advice.

But what kinds of advice do we most commonly need?

We’re interested to know what areas of legal advice you’ve needed help with in the past or might need help with in future. Would you know how to write a Will without the help of a legal specialist or have a clue about overcoming a legal dispute with a tradesman?

Next week we’ll blog on the results from this poll!

Poll results: % of mobiles that contain personal data

We recently conducted a poll asking ‘What % of second hand mobile phones do you think contains personal data from its previous owner?’  The results are as follows:

• 7.69% of you said less than 20%
• 30.77% said 20-30%
• 15.38% said 40-49%
• 7.69% said 50-59%
• 38.46% said more than 60%

Our recent experiment revealed many people are leaving personal details on their mobile phone or SIM card, leaving them more vulnerable to identity fraud when they sold them on.

From the supporting research we found that:

A staggering 54% of mobile phones and SIM cards contained personal information!  

This means 39% of our poll voters were in the right ballpark when they guessed more than 60% - well done!

Our live experiment with ethical hacker Jason Hart found the SIM cards and phones reviewed contained the following data:



Danny Harrison, CPP’s mobile data expert added, “This report is a shocking wake up call and shows how mobile phones can inadvertently cause people to be careless with their personal data.  With the rapid technology advancements in the smartphone market and new models released by manufactures multiple times a year, consumers are upgrading their mobiles more than ever and it is imperative people take personal responsibility to properly manage their own data.”

To ensure personal data is wiped from a mobile phone or SIM card, anyone who is selling mobile phone should follow CPP’s top tips on removing personal information, view our press release: Second hand mobile phones contain personal data for more information.  

Look out for our white paper on the experiment to find out a more detailed insight, coming soon….

Part 2: Does the amount of data you keep on your mobile, put you more at risk of identity theft?

So what did we find?

Using a mobile phone SIM reader, SIM recovery software and forensic examination software that analyses mobile phones including smartphones and PDAs for data, we discovered that a worryingly high number of used mobile phones and SIM cards contain some element of personal information.

In a number of cases, the data that was left on the mobile was highly sensitive. More worrying, in some cases, the former owners had intentionally deleted their information, but it was still easily and quickly recoverable.

From 35 mobile phones and 50 SIM cards, 54 per cent of the mobile devices and SIM cards contained personal data and we retrieved a total of 247 pieces of personal data.

From all the data recovered, 75 pieces of data were personal in nature and 13 were highly sensitive including:

• nudity
• pornography
• bank account details
• passwords
• company sensitive information.

Separate to the experiment, we conducted omnibus research via a random sample of over 2,000 UK adults to understand people’s understanding of mobile data security and if the results were comparable with our data audit findings.

Interestingly and consistent with our analysis, 50% of second hand mobile phone owners said they had found personal information from a previous owner on the mobile device and SIM card purchased second hand.

Respondents said phone numbers were the most common form of data left on the handset, but text messages (26%), names (24%) and multi-media were also prominent.

When we asked people what information they stored on their mobile device and whilst we would expect people to:

• store names (66%)
• photos (57%)
• diary dates (36%)
• music (36%).

Some respondents admitted to carrying social networking log in details to sites like Facebook and LinkedIn (14%), work e-mails (6%), PIN numbers (4%), online banking details (2%) and bank account information (2%).

More worrying and in direct contrast to our data audit, 81% of people claim to have wiped their mobile device before selling them, with 60% very confident that they had wiped everything from their handset or SIM card. This conflicts with our audit that showed 54 per cent of used devices contained personal data.

Helping to explain this variance, 74 per cent of people claimed to have wiped their mobile phone or SIM manually – a process that security experts acknowledge leaves the data intact and fully retrievable.

Using a factory reset on a mobile phone may seem to be the easiest precaution, but factory resets are far from permanent since they only delete the header information and allow the aforementioned software to recover the original data.

So what can we conclude from this investigation?

The experiment shows that mobile phone users are unaware personal data is still obtainable from a device even after the user has consciously deleted content from the handset.

Facilitating this is the fact that most mobile phones do not allow a user to absolutely delete all personal content and that the process to recover data from a used mobile is very simple using the correct tools and with limited technical knowledge.

Furthermore it is evident that smartphones today hold far greater information about the user and leave a much larger identity footprint compared to mobile handsets common only a few years ago.

The investigation also showed that getting SIM cards can be a very simple process as they were largely obtained over the counter for free and that certain stores were happy to give away used SIMs with either no concern or no awareness of the potential breach of privacy.

Without doubt the surge of smartphones and their increasingly popularity will present the identity fraudster with increased opportunities to defraud the handset owner and even businesses that may have sensitive information stored on their employees’ devices.

Mark Hack, an information security expert and executive vice president of NCP engineering was quoted recently as saying : “Because today’s devices are so much more powerful and can hold so much more information than ever before, the risks are increasing.

Add to that our tendency to carry both personal and business information around with us on the same device, and our mobile devices have never looked so appealing to hackers.”

With recent stories of malware like the DroidDream and the Zeus Trojan increasingly targeting both smartphone apps and handsets, aligned with a vibrant second hand market in mobile phones, consumers will need to ensure that they manage the evolving mobile data risk and don’t let it become an open door to their identity.

What can consumers do to protect themselves from passing on their personal data in their old phones?

In conducting a recent experiment for CPP into personal data left on second hand mobile phones and SIM cards, I’ve revealed just how unaware users are of the amount and nature of personal information left on their old mobile devices – even when they feel their phone has been wiped.

Due to rapid technological advances, smartphones have much more memory and capability to save personal data, increasing the risk of identity fraud to users. This threat will only increase further if people continue to store data, including credentials like usernames and passwords, on their mobile phones.  
Over half of the 35 used mobile phones and 50 SIM cards analysed contained personal information on them - 247 individual pieces of data in total. The information recovered included personal and at times, highly sensitive information which, fallen into the wrong hands, could put the previous owner at direct risk of identity fraud.  

One thing that was clear from the investigation was that perhaps unsurprisingly - due to their increasingly central role in users’ day to day lives - smartphones hold much more personal information on them about their former owner compared to older mobile phone models. An analysis of one smartphone alone uncovered usernames, passwords, credit card information, videos, company information, photos, email addresses and notes - certainly enough information to start a social engineering attack. For a start, a fraudster would quite easily be able to take ownership and control of the previous owner’s email account, login to online shopping sites they had visited and purchase items fraudulently.

The worrying combination is this: most mobile phones do not allow a user to totally remove all personal content or user data, and the ability to recover deleted data from a mobile is a very simple process that can be undertaken with limited technical knowledge. For the purposes of this experiment, I used SIM card readers and software that can be easily accessed in the public domain.

These results highlight a clear requirement for heightened awareness amongst consumers about the need for digital security on their phones.  An effective way for this threat to be reduced is by the use of Two Factor Authentication, meaning the user generates a onetime password on demand. The sooner a commodity based authentication service is available the sooner we are going to minimise the risk.  

But until such an authentication is commonplace, what can consumers do to protect themselves from passing on their personal data in their old phones or SIMs? In the first instance, never keep an old SIM card – remove it and destroy it. Also, regardless of whether they intend to sell on their mobile phone, users need to be careful not to store vast amounts of personal information on their devices. The less data that’s on a mobile device in the first place, the easier it will be to wipe and protect the user. Other keys steps to help consumers protect themselves include:

•    Restore all factory settings - This is the first step to take to conduct a top level clearance of data on the handset
•    Delete any back-ups - Even if data stored on a smartphone, PDA or laptop is securely removed from the mobile device, that’s not to say it won’t exist on a back up elsewhere
•    Log out and delete – It’s vital to log out of social network sites accessed on the phone as well as wireless connections, company networks and applications. Once logged out, delete passwords and any wireless connections.  
•    Various passwords - The use of the same ID/password combination on multiple systems, and storage of them on mobile phones should be avoided. If it is necessary to store these details on a phone, it’s best to try and use a picture reminder of the password.

Remember, if a phone is being sold on to a retailer, it should be wiped and the SIM card destroyed.

Potential id fraud risks hit the headlines with this week’s Play security breach and more

This week we released the results of our live experiment into whether second mobile phones and SIM cards contain personal data of their previous owners and the associated risk of identity fraud.

Play.com warns customers to watch out for spam emails after security breach and elsewhere it was reported that two-fifths of Wi-Fi users 'lack security know-how'; reinforcing our findings from last year’s wi-jacking experiment.

---

Second Hand Mobiles Contain Personal Data - identity fraud risk

In our live experiment we examined 35 second hand mobile phones and 50 SIM cards purchased on eBay as well as used electronics shops, to see what personal information was available on the handsets and whether it constituted a threat to their former owners’ identities.

The experiment revealed 247 pieces of personal data that had been carelessly left on a range of mobile phones and SIM cards. The personal data included credit and debit card PIN numbers, bank account details, passwords, phone numbers, company information and log in details to social networking sites like Facebook and LinkedIn.

Mobile data expert from CPP, Danny Harrison said: “This report is a shocking wake up call and shows how mobile phones can inadvertently cause people to be careless with their personal data. With the rapid technology advancements in the smartphone market and new models released by manufactures multiple times a year, consumers are upgrading their mobiles more than ever and it is imperative people take personal responsibility to properly manage their own data. If they do sell or recycle them online or even give them to friends and family, they need to ensure they remove all their personal information thoroughly and consider the serious consequences of not doing so.”

Find out more on how storing personal data on your mobile can increase your risk of id fraud.

---

Play.com warns of customer email security breach

Play.com has warned its customers to "be vigilant" after a security breach led to some personal information being compromised. The retailer apologised to customers; assuring them that no payment details were stolen, but asked them to beware of spam e-mails containing harmful links.

Such email scams are known as phishing and pharming and are a very common type of fraud committed over the internet. Emails are created to look like they are from a trusted source, such as your bank, in order to try and elicit victims’ passwords or personal details. Typically this is by asking users to click on a link which takes them to a bogus website. This site may look a lot like a safe one but if you were to enter any personal details on it they could be used by criminals to commit id fraud.

Make sure you follow this advice to stay safe online: 

• You should never click on a link in an email from a company you don't recognised or one asking for your personal information. 'Phishing' is an email scam where a fraudster tries to trick you into disclosing personal details.
• To protect yourself from online fraud make sure your antivirus software subscription is up to date, and that your computer is configured to automatically download and install any updates.
• Avoid carrying out transactions on public or shared computers.

---

Two-fifths of Wi-Fi users 'lack security know-how'

Latest research from YouGov, on behalf of the Information Commissioner's Office (ICO), suggests that 40% of people with wireless (Wi-Fi) internet connections at home do not understand how to change their network's security settings and that worrying that 16% of respondents knew they were using an unsecured network or were unsure.

CPP research last October into Wi-jacking highlighted just easy it is for hackers to access your personal details to commit identity fraud and the importance of using wireless networks safely.

For more information on what Wi-jacking is and how to stay safe from Wi-jacking, check out our 3 part video series.

When you’re abroad, which of these statements do you agree with?

Does sun, sand and sea mean that you take less precautions to protect your wallet/purse and cash than you would do at home? 

Let us know what you think:

Card Protection FREE flight offer!

Check out CPP’s latest online Card Protection offer…

For 4 weeks only, anyone who purchases Card Protection cover online, before 19th April, will be eligible to receive a FREE return flight voucher* to any European destination!

CPP Card Protection looks after you at home and abroad. Whether at home or abroad losing or having your purse or wallet stolen can be distressing. If it happens to our customers, one free call to Card Protection helps get things back on track. CPP Card Protection not only covers you for lost or stolen cards and even fraudulent use, our cover extends to include your keys, cash and handbag too.  

Taking out Card Protection insurance before you travel will help to ensure that, if your wallet or purse is stolen, the stress and inconvenience will be minimised and you can get back on with your holiday as quickly as possible. However, there are some precautions you can take to help keep your cards and cash safe:

• Only take cards with you that intend to use. Don't carry multiple debit or credit cards in your wallet.
• Don't leave belongings unattended while swimming or sunbathing and don't hang your bag on the back of your chair in cafes and restaurants.
• Don't carry debit or credit cards loose in a bag or pocket and keep them with you when travelling to and from your destination – don't leave them in your suitcase or rucksack.
• In crowded places, keep your bag strapped across your body or held firmly with the clasp towards you. A concealed money belt is the best place to carry your cards and cash.
• Tell your bank you're going to be away and give them an up-to-date mobile phone number so they can contact you if they see any suspicious or unusual activity on your account.
• Keep an eye on your card in restaurants and cafes. Don't let a waiter take your card out of sight when you pay the bill.
• Check your receipts against your statements when you get home to make sure there are no unexpected transactions.
• Don't leave cards and other valuables unattended in your hotel room. Use a safe or your hotel's safety deposit box.
• Never tell anyone your PIN – even if they claim to be from the police or your bank – and don't write it down.

Find out more about the benefits of CPP Card Protection

* Please note there is a 21 day cooling off period once you have purchased Card Protection until you receive your voucher to redeem the offer

Do you store personal data on your mobile phone?

In our live experiment we examined 35 second hand mobile phones and 50 SIM cards purchased on eBay as well as used electronics shops, to see what personal information was available on the handsets and whether it constituted a threat to their former owners’ identities.

How much personal data do mobile phones contain? And do they pose a risk to our identities?

Undoubtedly the mobile phone has over the past few years become a technologically advanced device that offers a large host of features beyond its traditional use as a communications device.

Today almost every mobile phone now features some sort of ability to store and record information or the ability to take either photographs or capture video.

Additionally the phone may also be equipped with a voice recorder allowing the user to record sounds and voices. In some cases, these mobile phone features can be used to store sensitive information such as passwords, bank account information, photos and other personal information.

With the storage capacity on mobile phones set to increase, so does the ongoing threat from identity fraud as a result of leaving sensitive information on a mobile device.

Whilst the evolution of the mobile handset from a voice only communications tool to a device that can facilitate access to a range of lifestyle choices is exciting, there are concerns regarding the security of this personal data especially when it comes to the loss, theft or legitimate disposal of such items.

This view was echoed by Joe Nocera, an information security expert and a principle with PricewaterhouseCoopers who said: “Many of the security concerns that people think about when they think about their personal computers are applicable in the mobile world.

As mobile devices become more sophisticated, they lend themselves to the same types of access to e-mail, passwords, and other secure information that PCs have done in the past .”

In order to quantify whether used mobile phones constituted a real risk to their former owner’s identities, CPP commissioned Jason Hart, senior vice president at CRYPTOCard to analyse 35 used mobiles including the latest smartphones to more basic models and 50 SIM cards.

The purpose of the experiment was to qualify what type of sensitive information, if any, had been left on resold mobile handsets and SIM cards - even if it had been assumed deleted, and whether the information was enough to steal someone’s identity to commit ID fraud.

It is important to note that at no point during the review was any unauthorised access or sensitive information used against the original owner of the device or SIM.

So what did we find out? Look out for part 2… coming soon!

Card fraud figures decrease and NFC is the latest technology to be a big hit in 2011

Media monitoring over this last week includes: Card fraud figures released from The UK Cards Association with commentary from Nick Jones of CPP.  

Also in the news, how NFC (Near Field Communication) technology is gong to be utilised by banks and mobile operators.  Many Britons fear being a victim of card fraud and the latest security threats to look out for in 2011.


In the media for the week: 7th – 13th March 2011

Card fraud falls in the UK, but is it still a problem?

The UK Cards Association released their figures on reporting fraud in UK on credit and debit cards in 2010.  The fact this is the lowest level since the year 2000 is great news however CPP’s Nick Jones asks two important questions, “what’s behind the reduction and should we let our guard down when it comes to protecting our credit and debit card details?”

To find the answers view our blog post “UK card fraud falls again, but is it still a problem?”

---

NFC technology is the biggest thing in 2011

According to the v3.co.uk article Near Field Communication (NFC) is one of the tech buzz words of the year, with mobile operators and banks intending to use this technology in the coming year.

Smartphone giant RIM’s managing director commented “… we think BlackBerry devices will be the safest place to carry out secure mobile payments”

Make sure you’re up to speed on what NFC technology is and what it means to you by visiting  v3.co.uk .

---

Card fraud feared by Half of Britons

A survey by payment systems group ACI Worldwide has revealed half of Britons are worried about becoming victim of card fraud, however simple steps to prevent card fraud are not being taken.

The results of the survey included:
•    48% of those surveyed were worried about losing money by card cloning, or stolen credit card
•    59% of people think that this type of crime is on the increase
•    66% of participants were worried about becoming a victim of card fraud due to the current economic climate
•    36% could not afford to lose any money as they had less now
•    9% reveled they leave their PIN with the debit or credit card – thus making it easy for someone to use their card if lost or stolen.

For more information about this survey, click here.

Check out our tips to avoid card fraud - if you have some great tips, feel free to share them on the comments section at the end of this post!

---

Security threats to look out for in 2011

Malware scams were one of the security industry test in 2010, but what are the threats of 2011 shaping up to be like?

According to Cio website, these are the following 5 threats of 2011:
1.    Mobile apps
2.    Social network based scams
3.    Fake anti-virus
4.    PDFs
5.    War games.

For more information about this news story visit: http://www.cio.com.au/article/379411/five_big_security_threats_2011/

What % of second hand mobile phones do you think contains personal data from its previous owner?

The latest mobile has caught your eye, so you decide to sell your old one. You've wiped your personal data before you sell it - but have you considered the consequences if you haven't wiped everything from your phone? If you don't remove your personal and financial information from your phone before you sell, you could be putting yourself at risk of identity theft.

Take our poll to tell us what you think - next week we'll report back on the results....

UK card fraud falls again, but is it still a problem?

There was some good news this week with The UK Cards Association reporting fraud on UK credit and debit cards in 2010 was at its lowest level since 2000 – a 17% reduction on 2009 figures to £365.4 million.

Two questions come to mind, what’s behind the reduction and should we let our guard down when it comes to protecting our credit and debit card details?

To answer the former, there has been a 15% reduction on card-not-present (CNP) fraud which is essentially criminals using stolen card details fraudulently over the internet, phone or mail order. Although we have seen a significant year-on-year reduction, CNP losses still totalled £226.9 million in 2010.

Elsewhere, losses attributed to counterfeit fraud – where a person’s card is cloned or skimmed to make a fake card that is often used abroad where Chip and PIN isn't used, dropped 41% to £47.6 million; a significant reduction on the £169.8 million lost to this type of fraud in 2008.

On a very positive note, online banking fraud losses were down to £46.7 million, which is especially encouraging as more and more people are using their bank’s online banking facilities to manage their day-to-day banking.

So what specially is causing the decline in card fraud? Well it’s due to a combination of factors:

•    The banks have put a lot of hard work into developing sophisticated fraud screening tools which is helping to identify and stop CNP fraud

•    Consumers are also increasing using MasterCard SecureCode and Verified by Visa to authorise online transactions

•    A special police unit called the Dedicated Cheque and plastic Crime Unit (DCPCU) set up in 2002 has also made big inroads into reducing card fraud losses by targeting organised fraud gangs operating both in the UK and abroad

•    Another factor is the use of more secure Chip and PIN cards that the banks and credit card companies have been sending out since 2008. These more secure cards with updated integrated circuit card verification (iCVV) make it more difficult for fraudsters to tamper with Chip and PIN terminals to harvest card details.

So should we take it for granted that the battle against fraud is won? To do so would be a mistake. The banking industry needs to continue to develop counter-fraud initiatives, and consumers need to maintain a proactive and diligent approach to safeguarding their payment card details:

•    Install up-to-date anti-virus software

•    Ignore phishing e-mails and unsolicited phone calls

•    Be vigilant at ATMs

•    Regularly monitor your bank statements and credit reports.

Announcement of CPP pre-tax profits and reporting scam emails featured in the media last week!

Last week CPPGroup announced pre-tax profits for what’s been our first year as a public company.

Also featuring in the news: the most commonly used passwords online - to help you stay safe we have included a link to our helpful tips on how to create a secure password!  A data security issue with Gmail technical fault also features in the news as well as the new Fraud Alert site where anyone can register spam emails.



CPPGroup releases pre-tax profits

We released our pre-tax profits last week, which showed a pre tax profit of 66% in our first full year of being on the Stock Exchange.

For more information on CPP’s pre-tax profits, view the York Press website

---


Fraud Alert open scam-email reporting site

The National Fraud Intelligence Bureau, which is run by the police, has created a scam-email reporting site with the help of Action Fraud, to track down email scammers that continue to spam internet users.

This site will enable the police to gather crucial evidence and take preventive actions, the idea being that the fraudster will no longer have a link between them and the victim.

Anyone who receives a spam email or bogus message can report it on the Action Fraud website: http://www.actionfraud.org.uk/report_fraud.  

---

Gmail technical issue affects 150,000 users

A major fault with Google’s email account system caused around 150,000 user accounts to be reset.  This data loss caused major security concerns about data security as well as the possible breach of data retention policies for many businesses that use Gmail.

Google’s response to the incident stated: “This issue has affected less than 0.08 percent of the Google Mail user base. This is a revised estimate. Google engineers are working to restore full access. Affected users may be temporarily unable to sign in while we repair their accounts”.

For more on this article, click here.

Were you affected by the Gmail technical issue? Feel free to comment below on how it affected you/your business…

---

Do you use one of the most common passwords online?

A recent study on the most commonly used passwords online has been revealed.  The risk of identity theft for people, who use passwords such as 123456 or Password, has increased due to the simplicity of a password.

The report by Imperva found that a third of respondents made passwords up to 6 or fewer characters.  To find out more about the report, click here.

CPP recently blogged about password security, view our tips on creating a secure password.

 

Do you shield your PIN when at an ATM?

Media monitoring this week includes the conclusion of a research poll completed by Vouchercodes.co.uk which looked at how many people cover their PIN at cash machines.  Also should businesses be more open about cybercrime and finally research completed on mobile banking and whether men favour mobile banking over women…


Businesses should be more open about cybercrime

A recent claim by cyber security Detica reveals UK businesses should report cyber attacks without fear of legal reprisals.  Businesses shouldn't have to worry about damaging their business reputations.  

Being open and talking about cybercrime makes it more accessible to spot trends claims Detica.  The go on to say businesses should work alongside the Government to help stamp out cyber crimes such as hacking and phishing. Find out more about Detica's comments http://security.onestopclick.com/technology_news/businesses-need-to-be-able-to-report-cybercrime-openly_800417075.htm" target="_blank">here.

---

Do you share your PIN?

According to poll conducted by VoucherCodes.co.uk, 59% people in the UK don't keep their PIN confidential, in spite of recommendations from banks and card issuers to sheild your PIN.

Out of the 3,000 people who participated in the poll, 5% revealed they trust their children knowing their PIN.  

To find out more about this survey, click here.

---

M-banking is more popular with men than women

Andriod owners have overtaken iPhone owners in recent months, so it’s not surprising that the number of people who bank using an android phone has also overtaken those that bank on an iPhone.

A survey by UK researchers Vision Critical has shown that men are more likely to use mobile banking than women, as men feel more comfortable with the idea and are less sceptical.  The mobile wallet concept according the research findings is more likely to take off quicker with men and than women.  Read more to find out about the research results.
 

Mobile and gadget articles dominate the news and Cybercrime costs are revealed

In the media over the last 2 weeks: The Daily Mirror studied whether smartphone users were at risk of fraud using public Wi-Fi networks.  Chip and PIN celebrates its 5th birthday, the UK Government reveals how much cybercrime costs the UK and the m-commerce development across the world is growing far quicker in Asia than in the UK and USA.


Media monitoring: 14-20th Feb 2011


Happy Birthday Chip and PIN

It’s now 5 years ago since Chip and PIN changeover.  Figures from last year show that debit / credit card spend overtook cash spending for the first time.

The UK Cards Association’s chair Melanie Johnson commented, “years on and cards continue to be an increasingly popular way to pay – whether at home or abroad”.

---

Government figures show cybercrime costs the UK over £27bn

Figures released  last week by the Government show that cybercrime costs the UK over £27 billion a year.

The estimated cybercrime costs are:

•    Total cost to UK: £27bn
•    Business: £21bn
•    Government: £2.2bn
•    Citizens: £3.1bn

The BBC has revealed, “the figures, published for the first time, are a mid-range estimate and the real cost could be much higher.”  

---

Survey reveals strong m-commerce interest

According to a survey completed by Accenture, active mobile users would welcome the ability to pay for goods and services using their mobile phone.

The survey has revealed that many Eastern Asian mobile users, such as China, Japan and Korea are more likely to use mobile payments than those in the EU and USA.

Our recent post on mobile payments explains that Reuters and Engadget are reporting LG will launch mobile payment some time in 2012.

Look out for more information to follow on mobile payments.



Media monitoring: 7-13th Feb 2011

Google strengthens log-in process

Google have revealed changes to the log in process, to reduce the risk of users having their accounts hijacked if a user’s password is stolen.

The option of a second verification signing in process is designed to complement the current password only system, and Google have already begun the roll out process for this two-step verification.

---

Mobile security threats increase and public Wi-Fi hotspots warning

According to McAfee, mobile security threats rose sharply last year and malware increased 46% in 2010 in comparison with 2009.  

Not only do mobile / smartphone users have to contend with an increase in mobile malware, but public Wi-Fi hotspots pose the risk of potential fraud.  Mobile users who use the internet or Wi-Fi could find themselves becoming a victim of identity theft if they do not maintain their mobile security settings.

---

Privacy concerns on Facebook and Google in the US

According to a poll by USA Today, users of Facebook and Google worry about malware and privacy when using the social networking site and the search engine.

Whilst many Americans worry about privacy and malware, this doesn't stop them from using the sites, comScore recently revealed, Facebook's U.S. unique visitors reached 153.9 million in December, up 38% year-on-year, while time spent on the site and total page views grew 79% and 71%, respectively.

Find out more about the legislation the US would like to introduce on privacy and security on the web.

Government figures show cybercrime costs UK £27 billion

Figures released earlier today show that cybercrime costs the UK over £27 billion a year. The estimated cybercrime costs are:

•    Total cost to UK: £27bn

•    Business: £21bn

•    Government: £2.2bn

•    Citizens: £3.1bn

The BBC has revealed, “the figures, published for the first time, are a mid-range estimate and the real cost could be much higher.”  

Some businesses didn't admit to being victims of cybercrime for fears of damaging their reputation, which meant accuracy of the cost to the economy could be ‘worst case scenario’, greater than £27 billion.

Announced today the UK Government have committed £650 million to be spent tackling the issue, reveals Baroness Neville-Jones, Security Minister over the next 4 years, aiming to reduce vulnerability to an attack.

The BBC reports “The government is due to unveil a plan to disrupt cyber criminals and ensure more of them were prosecuted ‘in the spring’ and had agreed to form a joint working group with industry to tackle the problem.

“The Government wants to help build defences and expertise in order to recognise and deal with any security breaches and cyber attacks in the future.”

For more information on this story, visit the BBC website and the Telegraph website.

Public Wi-Fi hotspot warning for smartphone users

The Daily Mirror released an article today about how Wi-Fi hotspots can be hacked, putting smartphone users at risk of potential fraud.  

CPP carried out an experiment in October 2010 highlighting the risks of ‘Wi-jacking’. We found that nearly half of home Wi-Fi networks could be hacked in less than 5 seconds.

In a series of videos with Jason Hart, who helped us conduct the experiments, Jason highlights the dangers of accessing the internet over publicly available networks. Take a look at these videos which can be found on the CPP YouTube page.

With this in mind, being aware of such vulnerabilities will help prevent you from being a victim of Wi-jacking, whether using a smart phone, tablet or laptop using public wireless hotspots.

To find out more about the Daily Mirror’s experiment, view it here.

LG working on mobile payment system

The ability to go shopping and pay using your mobile phone is obviously driven by the number of retailers that have the payment systems; which use near field communication (NFC) technology. At the moment there are limited outlets in the UK that have it, so it makes sense that consumers aren’t rushing out to buy expensive mobile phones with NFC technology.

This is where LG comes in.

Reuters and Engadget reported recently that LG is working on a European mobile swipe payment system, which should be launched in 2012. This means that if you've got a compatible phone, you just swipe your handset to pay for goods and services.

Just how big will mobile payment technology be?

Well analysts Frost & Sullivan predict that by 2015 there will be more than 860 million NFC-enabled mobiles in use and that the NFC technology will be the most-used solution for mobile payment.

So, if you like the sound of this it might be a good idea when upgrading your handset to check if it's NFC-compatible

Is your password secure?

Password security is essential in keeping any password protected account from being hacked.  

The importance of password complexity is often overlooked, yet implementing complex passwords and updating them regularly are important ways of protecting yourself from hackers.   

The media this week revealed how French President Nicolas Sarkozy’s Facebook account was hacked last weekend; the hacker posted a note saying he wasn't going to seek a re-election.  This could have been far worse, and just shows how important using a secure password is.

The following advice is to help you create a strong password that no-one can guess:

1.    Your password should be a minimum of 8 characters long

2.    The password should contain the following:
        •    Upper and lower case letters
        •    Numbers
        •    Special characters

3.    Your password should not be easy to guess and not a dictionary word like ‘password’ or solely numerical like ‘12345678’

4.    Never write your password down

5.    Never share your password with family or friends

6.    Use a different password for different sites

7.    Always log off on your computer / mobile when you have finished (especially on shared or public computers).

The trick of creating a secure password is to pick an everyday phrase or word that is of meaning to you and turn it into your secure password, for example:

•    Take the word ‘password’

•    (Remove any spaces if you choose a short phrase)

•    Add in a mix of upper and lower case letters: PassworD

•    Change letters to numbers: P455word

•    Add in special characters: P455^^orD*

If you have any ideas of how to make a password secure, feel free to add your password tips in the comments section below!

CPP conducted research into online password security, view CPP’s white papers here.

Should scam letters be intercepted?

Conservative MP Caroline Nokes said scam mail should be intercepted before it reaches vulnerable people.  Today’s news reveals how Scotland Yard detectives will be seizing scam mail, read more: Met police seizing scam mail aimed at UK victims.

Also in the news last week, how SMEs are taking data security seriously, the worst cities in the UK for card fraud revealed in CPP’s Card Fraud Index and how Facebook allowed third party developers to access users privacy information.



Media monitoring 17th – 23rd January 2011:

Card fraud hotspots revealed

This week we released our annual Card Fraud Index, which shows the worst cities for card fraud.  See how your nearest city ranked by checking out our infographic, view it on flickr or on Slideshare.

---

Scam letters should be intercepted to shield the vulnerable

Conservative MP Caroline Nokes has said mail which can be clearly identified as scam letters such as fake lottery or business letters should be intercepted to shield the vulnerable from fraudsters.

Ms Nokes has said organisations to intercept such mail include The NFA (National Fraud Authority), customs officers and Royal Mail.

The BBC reported, “Her Bill was given an unopposed first reading but stands little chance of becoming law.”

---

SMEs take data security seriously – One Stop Click

According to the National Retail Federation (NRF) SME’s are making it their top priority to protect sensitive consumer information.

The survey by the NRF revealed that small to medium enterprises regularly updated their security systems especially where bank and credit card details apply.

With the risk of being fined by Information Commissioners Office (ICO) for data loss, the fact that SMEs are taking data protection and data loss seriously shows they are taking steps in the right direction to protect our data.

---

Developers allowed access to personal information – Facebook!

Sharing too much information can be risky, especially on social networks.  The latest shake-up from Facebook is that the personal information you may hide from other users, has been available to third party application developers according to Graham Cluely.

Developers have access to information from anyone who adds the application to their Facebook page.  The risk comes as the developers are not screened by Facebook.

Find out more about ‘Rogue Facebook apps’ and view our blog post by Kat Moore on protecting your identity.

Card fraud comparison statistics 2010

How is card fraud distributed throughout the UK?

CPP has conducted research into card fraud over the past 3 years to report on card fraud across the UK and to unearth how it happens and how it affects victims.

The infographic below compares the 2009 and 2010 results of which UK cities have the highest reported incidences of card fraud.



CPP research conducted in 2010 shows Brighton as the card fraud capital of the UK, replacing Cardiff as the most prominent city in 2009.  Cardiff saw fewer incidences of card fraud and fell to 11th place in 2010.  London remained unchanged in 2nd and Leeds climbed up to 4th place from 5th in 2009.

Overall 2010 saw a 3% reduction in the number of card fraud incidences on 2009.  Although card fraud reduced year-on-year, it’s important to remember that card fraud isn’t going to go away and we still need to remain vigilant and all take preventative measures.

The Card Fraud Index research also found

• 20% of card fraud victims had their cards cloned at ATM machines or via Chip and PIN
• 1 in 5 victims were defrauded online
• 33% of victims don't even know they have been defrauded
• 34% of victims find out through their bank notifying them
• 6% find out as they are refused money at the ATM
• 6% found out their card was refused at point of sale
• £417 was the average amount of money stolen
• 4% of victims lost more than £2,000
• 8 hours: this is on average the time it takes for card fraud victims to report lost or stolen cards.

CPP tips to avoid being a victim of card theft and card fraud

• Only carry credit or debit cards you need
• Don’t leave belongings unattended whilst shopping
• Make sure your cards are kept in a wallet or purse, not loose in your pocket
• Ensure you carry your emergency loss reporting number for your card protection company (if you are registered with one)
• Never write down your PIN number
• Don't let shop assistants or waiters take your debit or credit card out of your sight
• Don't let anyone take money out on your behalf
• Check your receipts against your bank statements regularly.

To see how prolific card fraud is in your area, take a look at our research document: UK Regional Card Fraud.

13 million people in the UK affected by card fraud

Ever been a victim of card fraud?

If you haven’t than you are perhaps luckier than you think you are, or you are already taking steps to protect your valuable financial information.

According to our latest CPP research, 28% of adults have now been a victim of card fraud in the UK. When you do the maths this means that over 13 million people have been a victim of card fraud in the past, which is a worrying statistic.

When we broke the figures down over the last twelve months, we found out that seven per cent of adults claimed to have been a victim of card fraud, or just over 3.5 million people have been affected. This is actually a 3% decrease year-on-year, but it shows that card fraud is still a significant problem.

Looking at which cities in the UK reported the highest incidence; Brighton came out top with 38% of residents saying that they had fallen victim to card fraud in the past, followed by:
•    London (34%)
•    Manchester (33%)  
•    Bristol and Leeds at 32%.

Whilst you can understand why the large cities such as London and Manchester registered such high incidences of fraud, Brighton’s inclusion could be considered surprising. When we looked at what is driving card fraud, however, it may help to explain its prominence.

Card cloning or counterfeit fraud is the most dominant type of fraud affecting 20% of victims. Counterfeit fraud occurs when a fake card is created by fraudsters using compromised details from the magnetic stripe of a genuine card. Although tampered ATM and Chip and PIN machines can facilitate card cloning, letting your cards disappear out of sight in a restaurant, bar or shop can be an opportunity to copy its details – and according to the survey 17% of 18-24 year olds in Brighton exactly do this.

The research also shows us that:
•    18-24 year olds tend to be the least security conscious overall only 37% checking their bank statements on a regular basis, verses 67% of people aged 65+.
•    This younger demographic are also more likely to not shield their PIN number at an ATM and check an ATM for tampering, but let others shop online with their cards and share their PIN details with other people.

Online Fraud also having an effect

Online fraud was also just as big a problem as card cloning affecting 20% of victims. Across the UK, card-not-present (CNP) fraud remains the dominant type of card fraud with total losses of £266.4 million in 2009. Perhaps consistent with their frequent online spending habits, adults aged 18-24 were three times more likely to lose their cards details via the internet (33%) as opposed to people aged 65+.

When we looked at how much victim had taken from their accounts, the average sum defrauded was £417, with four per cent reporting losses of more than £2,000. Positively this fraud statistic is down on the 2009 average figure of £590 and is consistent with the recent fall in losses over the last eighteen months reported by the UK Payments Association.

When we asked victims how long it took them to report the loss or theft of their payment cards, the average time was 533 minutes or nearly nine hours. Encouragingly 40% cancelled lost and stolen cards within the hour, but 46% took up to 24 hours allowing fraudsters ample time to clone, or use the stolen card online.

Not surprisingly, and despite the Payment Services Regulations covering card fraud victims for all financial losses – as long as they haven’t acted with unreasonable care – card fraud is considered a highly distressing event:
•    35% of victims said they were stressed
•    40% said they were upset
•    73% were angry
•    14% said it caused them financial problems
•    10% were depressed by the experience.

The 2010 annual UK Payments Association card fraud statistics will be out in March this year. It will be interesting whether the reduction in financial losses can be sustained, or the recovering economy will see increased fraud losses as more credit is made available. Whatever the official statistics and the industry initiatives to reduce fraud, it can only work if consumers themselves are responsible and take sensible and proactive measures to look after their financial cards and information.
 

Are you sharing more of your personal information than you realise?

News Update

As part of our commitment to keeping you safe from identity fraud, we like to keep you regularly updated on any new developments that may affect the security of your or your family’s personal information.

Change to Facebook will expose personal contact information

Last Friday, Facebook told the website developers that create social networking applications used on its site that they would now have access to the postal address and mobile phone number of users who sign up to their apps. This means that ‘shady’ developers could create an app that collects users’ phone numbers and sell them to spammers and cold callers.

Facebook have now temporarily disabled this new access following some heavy criticism of the risks this will represent to Facebook users. They plan to re-enable the access once they feel they have put a system in place that adequately highlights to users the dangers of sharing this information.

Further information about this news update:

What does this mean for me if I use Facebook apps?

To justify the change, Facebook have said that making users’ personal information accessible to website developers will lead to some very useful new apps, such as enabling SMS notifications when anyone from a group of friends is nearby.

However, according to the Telegraph’s blog, the problem is that Facebook does not have any vetting procedures to check out the motives of application developers prior to the app becoming available. This absence of security has already led to many 'rogue' applications in the past. The difference now is that application developers can now directly request the home address and mobile number when a Facebook user downloads their apps.

Users will have to choose to 'Allow' this information to be shared, however, the danger is that the assumption will be made that the developers are trustworthy simply because they are supplying a service on the Facebook platform and this may not always be the case, as previous scams have shown.

Previous scams have only been able to directly request access to some basic profile information and the ability to post on the user's wall. This new move will now allow application developers access to a user's address and mobile number opening up the potential for more directly targeted scams against Facebook users.

What should I do to protect myself?

It is advisable not to have your home address, mobile number or any other contact details on your Facebook profile or pages that are publically visible. You can remove this information from your profile by going to your Profile and clicking 'Edit Profile' and then 'Contact Information' and editing /removing the information you have there. You should also read the terms and conditions of an application before you press the ‘allow’ button.

Did you know Visa has updated their fraud detection technology?

Smartphone and gadget news has been dominating the media over the last week or so due to the CES 2011 conference with information on the latest android mobile devices, gadgets and techie industry updates being revealed.  InfoSecurity Europe 2011 has released their agenda on mobile security for their conference later on this year.

Also FirstDirect launch fully transactional iPhone app, Visa ‘beef-up’ fraud detection technology and vehicle insurance companies may soon be able to access the DVLA database.

---

Media monitoring 10th – 14th January 2011:

Insurance companies may get access to DVLA database

According to Mike Penning, Road Safety Minister, motor insurance companies may be able to access the Driver and Vehicle Licensing Agency (DVLA) to assess a motorists’ driving record.

Due to data protection legislation the motorist would have to give the insurer permission to access those records reveals the Telegraph.

---

Fraud detection technology ‘beefed up’ by Visa

Visa has recently invested in new software to better detect fraudulent transactions, reveals www.computerworlduk.com:   

“The credit card payments firm said it was detecting over twice as much fraud on the riskiest transactions using the new systems. It can also detect more than three times the amount of fraudulent cross-border fraud than was previously identified.”

---

Bank releases transactional iPhone app

FirstDirect (and HSBC) have released an iPhone app which is compatible on iPhone and the iPod Touch, enabling users to ‘bank on the go’.

Finextra reports, “Matt Colebrook, CEO, first direct, says the app is about making the "banking experience simpler and quicker, allowing our iPhone enabled customers to access key features of our internet banking; whenever they want and wherever they want".

---

InfoSecurity 2011 hot topic = Mobile security

The article published on Computer Weekly reveals how smartphone security will be top of the agenda due to the growing number of smartphone owners.

As android phones such as HTC and iPhone become more predominant in peoples’ lives, the number of mobile cyber attacks will increase.  Computer Weekly, Nigel Stanley, Practice Leader at Bloor Research reveals:

“Research has shown that there has been a huge increase in the number of attacks aimed at mobile phones in the past year, and that is expected to grow exponentially in the coming months and years.”

Over the coming months we will be investigating mobile security and the development of smartphone technology, so watch this space…

Happy New Year: Keep card fraud at bay with pre-paid credit card

First of all, Happy New Year to you all!

The first media monitoring blog post of the New Year reveals how you are at a lower risk of fraud with pre-paid cards due to the restricted amount of money you keep on the card.

Also there have been a few days of coverage on the potential flaws of Chip and PIN devices, an interesting article about airport lost property and the high number of lost mobile phones and laptops that are sold on when the previous owners’ data may still be accessible…. Take a look below…


Media monitoring: 1st – 7th January 2011

Pre-paid credit cards reduce risk of fraud

With the risk of fraud ever changing, it is important to recognise how we can reduce the risk of being a victim of fraud.  A recent article in compareandsave.com revealed good advice from CPP’s card fraud expert Sarah Blaney.

Sarah explained, "One benefit of having a pre-paid card is that because it is pre-loaded with money, so there is a finite amount of money.”

Click on the link to find out more about card fraud.

---

Chip and PIN flaw revealed

Earlier this week banks were accused of covering up a ‘fatal flaw’ in the Chip and PIN system.  The news comes as a study by a Cambridge University student publishes his findings online.

The issue with publishing such information online is that fraudsters will be aware of such a flaw and may use this to commit crime.  

For more information on this news topic search for ‘news on chip and pin flaw’.

---

Airports reveal lost property to grow

Over the course of 2010, 5,100 mobile phones have ended up in lost property at 15 UK airports and 3,844 laptops.  These figures were reported online in early January, so these numbers could well have risen significantly over the Christmas and New Year period.

Whilst much of this lost property doesn't get collected according to Credent Technologies and it’s UK airports’ standard procedure is to sell lost property.  The devices may well contain information from the previous owner which the new owner could use to commit identity theft.

Click on the link for more information on lost mobile devices.

Visit our blog page for Mobile theft for more information on how to protect your mobile phone.

---

Insecure iTunes accounts

The BBC has reported on fraudulent iTunes accounts for sale in China via popular Chinese website, TaoBao.  

Approximately 50,000 stolen credit cards are listed on the site.  Apple recently sent a warning to its consumers to safeguard their personal details, though Apple declined to comment to the BBC from this latest revelation.

CPP would advise passwords to contain the following:
•    Upper and lower case letters
•    At least 1 number
•    At least 1 symbol
•    Password length should be over 6 characters long
For more information about CPP’s research, click on the link to view our White Paper on Password Security.

To read more on this story visit: http://www.bbc.co.uk/news/technology-12127603

Prepaid cards reduce risk from fraud

If you’re one of the many people who use a prepaid credit card then good news – you could be less likely to fall victim to card fraud than those who use a credit card.

There is reduced risk because having a prepaid card means it is pre-loaded with a finite amount of money. So if you've only got £200 on it, then if it's ever stolen and used, that's the max it can lose.

In contrast, a shopper with a regular credit card and a £5,000 limit has a higher exposure to risk.

The use of credit cards is obviously widespread and extremely useful; rather than not having/using one it’s more a matter of taking precautions to keep yours safe:

• Don't let restaurant or shop staff take your debit or credit card out of sight when you are paying
• Don't let anyone else take money out on your behalf. Never write down your PIN, passwords or user names.
• When entering your PIN at a cash machine (ATM), cover the keypad with your spare hand to protect it from prying eyes or hidden cameras.
• Don't carry multiple debit or credit cards in your purse or wallet, and don't carry cards loose in your bag or pocket.
• Sign any new cards as soon as they arrive in the post.
• When discarding expired cards, cut them up, making sure you cut through the magnetic stripe and the chip.

Types of card fraud

Card fraud occurs when a criminal uses your card or card details to purchase goods or services in person or online. It can happen when a thief steals your cards from you or obtains your card details by other means, such as email scams, raiding your bins or skimming your card.

How big is the problem of card fraud?
Incidences of card fraud continue to be a problem, despite the collective efforts of the police, the financial services industry and the government. In 2009 total fraud losses on UK Cards were £440.3m according to the UK Cards Association, March 2010.  Fraud is predominently driven via transactions not protected by Chip and PIN (cardholder-not-present fraud), counterfeit fraud (skimmed and cloned cards) and fraud on lost and stolen cards.

How is card fraud committed?
There are many ways in which a criminal can get hold of your card or card details and use them fraudulently:

Theft of a card
Your cards are among your most valuable possessions. Most wallets and purses contain thousands of pounds worth of credit in the form of plastic cards. That's why they are prime targets for thieves.

If a criminal steals your card, or finds a card that has been lost, he or she can use it to purchase goods and services in your name. Chip and PIN technology prevents most face-to-face purchases being made, but online purchases and telephone orders do not require a PIN number and can easily be carried out by criminals using stolen cards and a few of your personal details (see Cardholder-not-present fraud).

Cardholder-not-present (CNP) fraud
This is now the biggest type of fraud in the UK, accounting for 60% of all card fraud losses during 2009 (CIFAS, January 2010).   It is perpetrated when criminals use stolen cards or card details obtained illegally to buy goods and services over the internet, by telephone or by mail order.
It is a difficult type of fraud to combat because neither the card nor the bogus cardholder is present at the point of purchase. It means that online stores and mail order firms are unable to check a card's physical security features or to ask for a PIN number. In addition, card issuers are unable to guarantee that the information provided in cardholder-not-present transactions has been given by the genuine cardholder.

Account takeover
This is a type of identity fraud. Criminals may obtain some of your personal details fraudulently, such as your full name, address and date of birth, and use them to assume your identity. By pretending to be you, they may be able to take over the running of your bank account and arrange for payment to be taken from your account. They may also change some of your details, such as your address, so that they can have newly issued cards and cheque books sent directly to them.

Card trapping
A criminal inserts a trapping device into a cash machine (ATM) card slot which retains the card inside the machine. The criminal, waiting nearby or in the queue, offers to help when an individual's card is retained. The fraudster advises them to re-enter their PIN, which the criminal observes. The card is not released, so the cardholder gives up and leaves. Then the criminal removes the device with the card inside and uses it and the PIN number to withdraw cash or make other purchases before the card is cancelled.  

Card fraud prevention

Fraud losses on UK cards totalled £186.8 million from January to June 2010*

Although this is a decrease of 20% on the same period in 2009, it is still a massive cost to both the UK as a whole and to us as individuals. It is important that we continue to help reduce this figure further by protecting our cards from being stolen and used fraudulently.

With this in mind CPP have collated this list of top tips to help you prevent card fraud:

• Sign up to Verified by Visa® or MasterCard® SecureCode™ as this will put a stop to most unauthorised online spending

• Don't let restaurant or shop staff take your debit or credit card out of sight when you are paying, even for a second

• Check your receipts against your bank or credit card statements to make sure there are no unexpected transactions

• Shred any documents, statements or receipts that contain personal financial information. A clever fraudster can do a lot of damage with just a credit card receipt

• Don't let anyone else take money out on your behalf

• Never write down your PIN, passwords or user names

• When entering your PIN at a cash machine (ATM), cover the keypad with your spare hand to protect it from prying eyes or hidden cameras

• Don't carry multiple debit or credit cards in your purse or wallet, and don't carry cards loose in your bag or pocket

• Sign any new cards as soon as they arrive in the post

• Cut through the magnetic strip of expired cards when discarding them

• Keep track of your card expiry dates. If a replacement card hasn’t arrived by the time your old one expires, call your bank or card issuer to check whether a new one has been sent out.

By keeping abreast of how criminals facilitate card fraud, you can better protect yourself.  For more information on how card fraud is changing and card fraud statistics subscribe to the CPP Blog news feed, view CPP news pages or follow us on Twitter.


* UK Cards Association, November 2010

Keep identity fraudsters out of your business

Identity fraudsters are increasingly turning their attention to businesses and their directors to tap into the substantial credit often available in their name.
For businesses large and small, the damage caused by identity fraud isn’t just limited to their finances. Commercial identity theft can ruin a company's reputation with its lenders, suppliers and its customers.

Understand the risks of commercial identity fraud
There are many ways in which criminals can target the finances, resources and reputation of a business. Here are some examples:

• In large businesses, fraudsters may work from within the company. For example, employees may order goods for their personal use or over-order goods in return for payments from suppliers.
• If a criminal gets hold of private company information, they could set up a business account in your company’s name and take orders and payments for goods or services that they don’t supply, leaving you to deal with the angry customers.
• Identity fraudsters could hack into your website and redirect orders and payments to their own site.
• Using just a few personal details, fraudsters could impersonate company directors and then change the registered company address and directors’ details.
• Fraudsters may go through your rubbish bins to obtain company details, such as employee names, bank account details and other confidential information.
• Criminals could also use stolen credit card or bank account details to order goods and services from your company.
• In the same way that email scams and phishing attempts are used to target individuals, they can be used to obtain sensitive information about your company.
• Criminals can set up websites with very similar addresses to yours, perhaps with one letter different, in an attempt to capture some of your website traffic.
• Devious criminals may also infiltrate your workforce to obtain security passes, passwords and confidential information.

Protect your business from fraudsters
It's important that you protect your company against the threat of commercial identity theft by ensuring that all your staff know the risks and the ways in which criminals might try to target them. Make sure that people know how to identify a scam email. You should also regularly check your registered company details with Companies House to make sure they have not been changed.

Many of the same rules that apply to individuals apply to businesses too. You should shred all paperwork showing your company name and address or any other sensitive information. Make sure that you or another responsible employee checks and reconciles your bank and company credit card statements meticulously every month.

Make sure that you vet any new employees and validate new customers with reputable credit-checking agencies. If you are selling products or services online, use trusted verification systems for all payments, such as Address Verification Service/Card Security Code or Verified by Visa® or MasterCard® SecureCode™.

How are stolen identities used?

So an identity thief has your personal details… what next?

Credit card fraud
Credit card fraud is perhaps the most obvious use of your details. The thief can open credit card accounts in your name and very quickly run up huge bills. If the criminal also changes the billing address so that the bills no longer come to you, it may be many months before you know what is happening. The unpaid bills quickly mount up and the debt appears on your credit report, meaning that any further applications for credit or loans made by you are likely to be declined.

Bank / finance fraud
If the thief has sufficient details, he or she can open a bank account in your name and then use cheques and cards issued with the account to buy goods and services. Alternatively, the thief may clone your existing debit card and use it to pay for goods and services or to withdraw cash, quickly draining your account. The criminal could also take out a loan in your name.

Account takeover fraud is another type of bank fraud in which the criminal uses your personal details to change your address and redirect your mail so that they can effectively take over your bank account. In 2009 there was a 16% increase in account takeover when compared with 2008 (CIFAS, February 2010).

Official document fraud
If a criminal is able to apply for and obtain official documents such as a driving licence or passport in your name, using their own photo, the door is open for them to commit a whole range of serious crimes. They could also file fraudulent tax returns using your details and fraudulently apply for Government benefits in your name.  

Phone or utilities fraud
A fraudster could use your details to open a new mobile phone or broadband account. Or they could run up charges on your existing accounts with expensive overseas calls. They could also use your name and bank details to access and pay for other utilities, such as electricity, gas and water.

Other fraud
A criminal who steals your personal details can assume your identity in an endless variety of ways. They could rent a house or access private medical services in your name. They could even get a job using your National Insurance details. If they are caught by the police for committing a crime, they could give your details so that when they don't turn up for court, a warrant is issued in your name and sent to your address.

Resolving the consequences of identity theft can be stressful, time consuming and costly. That's why prevention is better than cure. Identity theft can take many forms, so it's important to be vigilant on many fronts.

Take time to familiarise yourself with our tips to stay safe from identity fraud or why not subscribe to our news feed for regular advice from the team at CPP?

Top tips to prevent identity theft

Resolving the consequences of identity theft can be stressful, time consuming and costly. That's why prevention is better than cure. Identity theft can take many forms, so it's important to be vigilant on many fronts.

To help you out, here's my top tips to help you keep your personal details safe from fraudsters.

Credit report checks
By regularly checking your credit report you will be able to detect the early warning signs of identity fraud.

Tackle phishing
When you want to log on to your bank and other membership websites, make sure you do so by typing the web address into your browser, rather than clicking on a link in an email. It could be a bogus email, otherwise known as phishing, leading you to a false site where your details can be accessed by fraudsters.

Check that there's a padlock symbol on any web page where you are asked to enter personal details.

Beat the burglars
Keep your personal documents, bank statement and bills safely out of sight and preferably locked up in a home safe. If you are ever a victim of burglary, check to ensure that your personal documents have not been taken.

Monitor your mail
Statements and bills contain a wealth of personal information that is useful to criminals. Note when your bills and statements usually arrive every month so if they don't turn up on time you can contact the issuer to see if they have been sent. Also confirm that the company has the correct contact details for you, since fraudsters may have changed your address or had your post redirected.

If you stop receiving mail for any length of time, contact Royal Mail to see if a redirection has been placed on your address. If you move house, make sure you redirect all of your mail to the new address.

Skimming scams
Be alert for skimming devices that are used to read the personal details stored on your card. If you notice anything unusual about a cash machine, do not attempt to remove any device or use the machine. Instead report it to the bank. Always protect your PIN number at tills and cashpoints, making sure no-one is looking over your shoulder. Never let your card out of your sight when paying in shops or restaurants. It only takes a few seconds for it to be picked up and skimmed by a criminal.

Shred it
Shred any paperwork that contains your name and address or signature, including junk mail, before you throw it away.

Deceased fraud
If a member of your family passes away, make sure that you close down any accounts or memberships they leave behind. That way they can't fall into the hands of identity thieves. Keep an eye on any post that is addressed to the deceased person. If you do receive anything to suggest that a fraudster has assumed your loved one's identity, contact the companies concerned and the police immediately.

Unwanted attention
Never give away any personal details to unsolicited visitors, charity collectors, "researchers" in the street or people who telephone your home. Always check whether people are who they claim to be before giving any information. Fraudsters may try to convince you they are calling from banks or other companies in order to falsely obtain your personal details.

Savvy surfing
Your personal details are particularly vulnerable online, where they may be accessed by many people. Social networking sites in particular are a rich source of personal information for fraudsters. Be wary of publishing any identifying information on these sites, particularly things like your phone number, pictures of your home, your address, birthday or full name.

When shopping online, keep your passwords safe at all times and change them regularly. Ensure that your computer has up-to-date security software installed and only use sites that provide secure payments. Never use shared computers or public wi-fi zones for online banking or shopping.

Thwart the thieves
Keep handbags and wallets safe from thieves. Try not to keep all your cards in the same wallet or purse and avoid carrying them all with you at the same time. Never let them out of your sight. Also, avoid carrying important documents such as your passport or driving licence unless you have to - and never carry them in the same bag as your wallet.

What is being done about card fraud?

The Government, banks and card issuers take card fraud prevention very seriously, since it costs them millions of pounds every year.

Chip and PIN

The most well known measure put in place to help prevent the fraudulent use of stolen cards is Chip and PIN. This technology combines two very effective security features. Firstly, the 'chip' or microchip on the card stores personal card data much more securely than the magnetic stripe on the back of the card, making it much harder to counterfeit. Secondly, the four-digit PIN (Personal Identification Number) is used to prove that the person using the card is the genuine cardholder.

Cardholder-not-present fraud

Chip and PIN has been very successful at reducing card fraud where the customer is present at the point of payment. However, cardholder-not-present fraud, where goods or services are paid for remotely either online, by telephone or by mail order, is still a major problem. The following initiatives have been brought in to try to tackle this type of fraud:

1. Card Security Code (CSC) and Address Verification System (AVS)

The Card Security Code (CSC) is printed only on the back of your debit and credit cards. It does not appear on any receipts or card statements. It means that only the person in physical possession of the card will know it. When you make a purchase by phone, mail order or online, you will be asked to quote the last three digits of the CSC. You should never quote your CSC to anyone other than a genuine retailer or your bank or card issuer. They will ask you for it in order to verify your identity. They will also ask you for your address, enabling them to check that it matches the address registered with the card. In combination, CSC checking and address verification (AVS) enable retailers, banks and card companies to verify that you are the genuine cardholder.

2. Verified by Visa® and Mastercard® SecureCode™  

These two schemes are secure online payment systems that prevent criminals from using stolen cards or card details for internet transactions. They are password-protected services that enable financial institutions to confirm your identity for the merchant when you are using a card to pay online. To set up your passwords for these services you are asked to enter personal details that confirm you are who you say you are. When you subsequently make a purchase online you will be asked to enter your Verified by Visa® or Mastercard® SecureCode™ password. This enables merchants to confirm your identity and puts another barrier between criminals and your information. These systems also have the advantage of being global, so should reduce fraud abroad as well as domestic fraud.

3. The Dedicated Cheque and Plastic Crime Unit (DCPCU)

The DCPCU was set up in 2002 to target the organised criminals behind the huge increases in counterfeit card fraud. It has an impressive record of success in identifying, investigating, arresting and prosecuting criminal gangs that perpetrate plastic card fraud. Now fully sponsored by the banking industry, it is staffed by police personnel, alongside fraud investigators and bank staff provided by APACS and its members.

Between 2002 and 2009 the DCPCU saved the banking industry more than £315m through reduced fraud activity, recovered more than 45,000 counterfeit cards and almost 290,000 compromised card numbers. It also secured 240 convictions on fraud-related matters. For more information, visit www.dcpcu.org.uk.

Source 2010: www.cardwatch.org.uk

Contactless Cards Question & Answer

Card payment technology is constantly evolving to keep pace with changing lifestyles, consumer and retailer demands. Contactless cards represent a convenient new way to make paying for low-value everyday items much faster and simpler.

What are contactless cards?

Contactless is a new feature that changes the way you use your debit card. It is designed to make purchases quicker and more convenient for both retailers and shoppers on transactions of under £15. The cardholder simply holds their contactless card up to a secure card reader to make the payment, rather than entering it into a Chip and PIN machine. Payment is taken in less than a second, so when you're out and want to grab a newspaper or a quick coffee, you won't have to waste time having your card swiped and entering your PIN number.

What are the benefits of contactless cards?

• Speeding up transaction times for small purchases
• More convenient than carrying cash and less cumbersome to handle than lots of small change
• Reduced queuing times in busy outlets
• The contactless capability can be provided on standard debit or credit cards, so there's no need to carry another card around with you

Where can I use a contactless card?

Contactless card payments can be made at an increasing number of outlets, many of which have not previously accepted card payments, such as fast food restaurants, sandwich shops, coffee shops, car parks, taxi firms and vending machines. For a full list of outlets that accept contactless payments, visit http://www.paypass.com or http://www.visapaywave.co.uk.

You can quickly tell if an outlet accepts contactless card payments as it will display the internationally recognised contactless logo, known as "the ripple". Contactless cards display the same logo. 

How does contactless payment work?

To pay for goods or services under the value of £15, you simply hold your contactless card up to a special reader and the payment is automatically taken from your account.

How secure is contactless payment?

Even though a contactless payment does not usually require a PIN number to be entered, the cards are underpinned by Chip and PIN technology. That means that, from time to time, cardholders will be asked by the contactless terminal to enter their PIN. On these occasions, the user will have to complete a normal Chip and PIN transaction. This measure is designed to deter the fraudulent use of contactless cards, if they fall into the wrong hands. Every time the PIN is entered, it confirms that the card is still in the possession of its rightful owner.

What are the implications for card fraud?

The limited transaction value of £15 restricts the damage a thief can do with a stolen card. The requirement to enter your PIN number from time to time should also deter criminals. Contactless cards are more secure than carrying cash since, if your card is stolen, it will be covered by your Card Protection insurance, if you have it, so you won't be liable for transactions made by the thief.

Do all banks and card issuers offer contactless cards?

No. There is no legal requirement for card companies or banks to provide contactless payment facilities on their cards. However, an increasing number are doing so as the number of retailers accepting contactless payments increases.

Can contactless payments be made using devices other than cards, such as mobile phones?

Yes, in theory they can. In other countries, contactless payment facilities have been provided on key fobs and mobile phones. However, in the UK at present, the focus is on rolling out contactless cards.

Preventing online fraud: know the risks

Did you know there is a victim of online fraud every 7 seconds*?

With this in mind, it’s important to know how to stay safe online and to know the potential risks and consequences of online fraud.

Fraudsters are becoming increasingly sophisticated, online fraud can occur in numerous ways; one of the most common ways is through phishing i.e. email scams.  

The prevalence of phishing has been a major factor in the growth of online fraud…

But what is Phishing?

Phishing is where a criminal sends an email pretending to be from your bank, government department or social networking site.  This email will try to gain your personal details so will typically contain a link to what appears to be a legitimate site. If you click on this link the site will prompt you type in your personal information such as account details, policy numbers, passwords and credit card numbers. These can then be used by criminals to commit identity fraud.

There were 51,161** unique phishing attacks in 2009 in the UK – a 16% increase on the 2008 figure.

Remember, you will never be asked to divulge personal information via email from your bank, government or social networking site.  


Bogus Lottery scams

You may receive an email letting you know you have won a big prize in an overseas lottery.  Beware! To get your hands on this prize you will need to send money for admin costs or tax costs before you can claim the prize.  You may also be asked for personal details, which the criminal may use for fraudulent purposes.


What is an ‘advanced fee’ scam?

This type of email scam asks the recipient to help transfer a large sum of money out of a foreign country in return for a share of the money. The only catch is that an ‘advanced fee’ is required. If you send off the ‘advanced fee’, you won’t receive anything in return. Remember, if something feels too good to be true, it usually is!


Avoiding online fraud

According to research by CPP, a victim of online fraud could lose on average £289*

So staying safe online is important, whether you access the web via your mobile or through your PC or laptop.  

Here are CPP’s top tips on avoiding online identity theft:

• Never open or click on links in suspicious looking emails.  Remember your bank will NEVER email you asking for personal information
   
• Make sure you have anti-virus software that is up-to-date and ensure any other security software you have is updated regularly
   
• When shopping online, make sure when paying that the browser is secure, the URL should show: https:// rather than http:// and the site should show a padlock symbol
   
• Never write down your pin number
   
• Never share your password or write it down
   
• Use a different password for different accounts
   
• Don't reveal middle names or personal details on social networking sites
   
• Do not use public wi-fi zones or shared computers for internet shopping or banking
   
• When shopping online, make sure you only use reputable sellers. Look for evidence of a physical address on their website, as well as telephone numbers. Be particularly cautious when buying from overseas companies. (Make sure you pay using a secure online payment system that offers some protection against non-delivery).

How is online fraud evolving?

Remember, keeping up-to-date with the latest scams is key to staying safe online and protecting your identity from fraudsters; make sure you take time to familiarise yourself with changing threats by searching the web or why not subscribe to our news feed for regular advice from the team at CPP?


*CPP Whitepaper, June 2010: UK online fraud
** UK Cards Association, March 2010

Stay alert to the dangers of card theft abroad

Brits holidaying abroad are attractive targets for thieves and fraudsters hoping to catch them while their guards are down. The figures from APACS for card theft abroad show that in 2009 fraud abroad cost the UK £122.7m in card fraud losses (APACS 2010).

The top destinations for card loss, according to CPP research, are Spain, France and the USA. It's important, therefore, to remain vigilant when abroad, and to look after your wallet and bags. Card theft can ruin your holiday and be very difficult to resolve if you are in a country where you have a limited grasp of the language.

Taking out Card Protection insurance before you go will help to ensure that, if your wallet or purse is stolen, the stress and inconvenience will be minimised, your losses covered and you can get back on with your holiday as quickly as possible. However, there are a number of precautions you can take to help keep your cards and cash out of criminal hands in the first place:

• Only take cards with you that intend to use. Don't carry multiple debit or credit cards in your wallet.
• Don't leave belongings unattended while swimming or sunbathing and don't hang your bag on the back of your chair in cafes and restaurants.
• Don't carry debit or credit cards loose in a bag or pocket and keep them with you when travelling to and from your destination – don't leave them in your suitcase or rucksack.
• In crowded places, keep your bag strapped across your body or held firmly with the clasp towards you. A concealed money belt is the best place to carry your cards and cash.
• Tell your bank you're going to be away and give them an up-to-date mobile phone number so they can contact you if they see any suspicious or unusual activity on your account.
• Keep an eye on your card in restaurants and cafes. Don't let a waiter take your card out of sight when you pay the bill.
• Check your receipts against your statements when you get home to make sure there are no unexpected transactions.
• Don't leave cards and other valuables unattended in your hotel room. Use a safe or your hotel's safety deposit box.
• Never tell anyone your PIN – even if they claim to be from the police or your bank – and don't write it down.

 

Do you know what your kids are up to online?

Ever watched your children surfing the net and hoped that they are not up to anything that they shouldn’t be doing?

Of course you can block certain sites and have the odd look to see what they are doing, but unless you monitor them 24/7 you are not going to have absolutely certainly that they are doing nothing wrong. After all, it's in children’s nature to push the boundaries and see what they can get away with.

Only recently a friend of mine had a shock when £150 showed up on his current account for a well known electrical online retailer. Not knowing what it was, he asked his eldest son only to discover that he had a brand new Xbox 360 hidden under his bed for the past three weeks.

So how did this happen?

Well, simply speaking, his eldest had bowed to temptation and taken his debit card and used it online to buy himself an early Christmas present. All the details he needed were on the card and it was as simple as that.

So is this common practice or very usual?

To investigate the matter further we looked into this issue and found out that it’s more common than we thought.

When we spoke to over a 1,000 children aged between 7 and 16, we found out that one in seven online purchases were done without their parents’ knowledge. Collectively this amounted to over £64 million a year.

Moreover, eight in ten children frequently use their parents’ bank cards, online accounts and PayPal. Apart from the issue of children raiding their parents’ accounts, a more serious issue is that three-quarters of children are not checking the security of websites when shopping online.

The consequences of this are that their accounts details could be harvested by fraudsters putting their parents at serious risk of card-not-present (CNP) fraud. CNP fraud remains a serious issue with losses in 2009 totalling £260 million.

It's clear that parents need to educate their children about the risks of online shopping and they should only use reputable sites that encrypt information and which are trusted and secure. Signing up to MasterCard’s SecureCode or Verified by Visa would not only add another level of secure verification, but stop children spending money without their parents’ permission.

When we looked at what children were buying, the majority were buying computer games, books, films and mobile applications. However, a handful claimed to have purchased cigarettes, alcohol and solvents.

Clearly taking a proactive approach to your children’s online shopping habits could not only save you money and stop potential fraud, but also ensure your children stay safe.

 

Best wishes, David Cameron

One story that caught my eye today was the Metro’s feature on fake e-mails being sent from No.10. These scam emails, known as phishing emails, are being ‘sent’ from David Cameron and George Osborne to try to trick money and passport details from thousands of Britons.

So what is phishing?

For those of you that aren’t familiar with the term ‘phishing’; this is an email scam where a fraudster tries to trick you into disclosing personal information. These personal details are typically then used to commit identity fraud. The volume of phishing emails being sent continues to rise at a phenomenal rate; according to CPP research more than 420,000 scam e-mails are sent every hour in the UK, with a victim every seven seconds. Overall a quarter of people claim to have fallen victim to some form of online fraud and the average victim is estimated to lose over £285 each (CPP, June 2010).

Surely people are aware of these scams now?

While some scams, such as the “Nigerian 419 advance free fraud con” have become infamous in recent years, fraudsters are becoming ever-more sophisticated in their methods. Fake banking e-mails in particular have become almost indistinguishable from legitimate ones, with logos and company styles being imitated almost perfectly.

How can I protect myself?

You can reduce your chances of falling victim to online fraud if you follow these basic precautions:

• Never type credit card numbers, passwords, or any other confidential information into a web site unless its address begins with https and the browser displays the “closed padlock” symbol
• Ensure your antivirus software is up-to-date, and that your computer is configured to automatically download and install any updates
• Never download attachments from un-trusted sources
• Be wary of any e-mails or messages which ask for personal or financial data. Banks will never ask for personal information online.
• Check their bank statements regularly and always check receipts against your bank statements
• Avoid carrying out transactions on public or shared computers

Read our full report into online fraud to find out more. 

Do you know your Vishing from your Phishing?

If you’ve had a phone call asking you to divulge personal information, then this could have been somebody ”vishing” for your personal details that can possibly be used to commit identity theft.  Finextra blogger, Robert Siciliano explains what vishing is and reveals why we need to sit up and take note!

Other news this week….

• A warning to online shoppers about online fraud – why not check out our top tips to make sure you know what to do to combat this type of fraud
• CIFAS has revealed an increase in identity hijacking

Media monitoring: 6th – 10th December 2010

It’s important during the Christmas season that we remain vigilant to the risk of fraud, whether this be identity fraud or card fraud.  CIFAS, the UK’s Fraud Prevention Service has recorded a 12% increase in identity hijacking in relation to the same period in 2009.

Monitoring your credit report is a vital step to prevent identity theft and identity fraud.  Find out more about how monitoring your credit report can be a useful tool in fighting fraud here.
 

---

Have you ever had a phone call from someone who has tried to lure you into giving out personal information?  Well, this is called Vishing.

Robert Siciliano explains on Finextra what Vishing is, what criminals get out of it and the methods they use to trick us into providing personal information.  Mr Siciliano advises: “The more you understand it, the better off you’ll be, so read up on vishing incidents, and if your bank provides information about vishing online or in the mail, sit up and pay attention. As this crime becomes more sophisticated, you’ll want to be up-to-date.”
 

---

Online shoppers need to be aware of online fraud, especially when using credit and debit cards, warns the Serious Organised Crime Agency (SOCA).  Research by Ofcom has revealed that Brits spend up to 3 times more online than other Europeans, reveals uswitch.com.

Helen Goodman’s blog post: Online Christmas Shoppers Beware, shows CPP’s top tips for shopping safely online this festive season.

Check your credit report to help protect your identity

We can’t escape the fact that identity fraud is on the rise but many of us seem to think an ostrich approach will protect us. The consequences of this could be emotionally and financially devastating; did you know in serious case of identity fraud, it can take up to 200 hours to repair your identity (National Fraud Authority October 2010)?

It is well documented that regularly checking your credit report is one of the most effective ways of spotting whether you’ve been a victim of identity fraud.

In order to dig a little deeper, CPP commissioned research to determine how many consumers are regularly checking their credit report and to also see how many have a poor credit rating as a consequence of identity fraud.

A poor credit rating could cost you money!

Our research showed that nearly 900,000 people have had their credit rating unfairly damaged by fraudsters; with 6% of 18-24 year-olds saying their bad rating was a consequence of their identity or passwords being stolen and used fraudulently. 48% said that a poor credit rating cost them money.The average monetary repercussion was £7,164; with individuals losing out on low interest credit cards and loans, having to pay higher rating of interest on a mortgage, refused a mortgage, having to pay for credit checks and lost earnings.

A poor credit rating could be bad for your health!

On average, it took people 409 days to resolve a poor credit rating. The impact of this was not just in terms of time and money but also emotionally. Our survey revealed that a poor credit rating had caused people high levels of stress, strained personal relationships, sleepless nights, and contributed to depression.

Check your credit report

When we asked people how often they used a credit report to check for unusual transactions, only 4% said they checked it on a monthly basis as recommended by experts. More worryingly, over half said they had never checked their credit report and 4% admitted that they didn’t even know what a credit report is.

Given a credit report is one of the best tools for spotting identity fraud; its worrying that consumers are not using credit reports as a means of fraud prevention and as a tool in the step to manage one’s identity.

Experian reported earlier this year that 61% of victims of identity theft found out through accessing their credit report (Experian, March 2010), so if we are to take personal responsibility for keeping our identities, safe we need to start using the tools available to us.

For more information about your credit report and how keeping informed can help you prevent identity theft then take a look at our online research document:  Credit Reports – managing the risk of identity fraud.

 

Facebook privacy concerns in the limelight again!

Facebook’s latest updates are causing a bit of a stir with regards to security and privacy as it’s believed the changes will expose more user information.

The new updates to Facebook will be rolled out gradually over the next month and are designed to reveal more information from a user’s profile.  The social networking site will prompt users to divulge more personal information with what’s happening day to day, warns security firm Sophos.

More general information such as relationship status, common interests and general information on the ‘Info’ page of your profile will be highlighted in the new set-up.  Beforehand such information wasn’t particularly important within a Facebook profile.

Users of Facebook must remember the information they disclose can be viewed by other people.  Depending on privacy settings and whether a user’s friend has their security settings set as being more relaxed than yours, their friends (friends of friends) may be able to see your profile.

Whenever you post information online it should always be done with caution and more thought than you may anticipate.  Identity fraudsters can gather information from social networking sites for their benefit to commit identity fraud.  With the latest changes to Facebook and the possibility of privacy of information you post online being viewed by people you don't know, just because you have a similar interest, the risk heightens.

There has been much controversy over privacy controls on Facebook, especially over the last year when users were encouraged to share photos and comments to wider groups.  This outlines the need to be wary of what information you post online, whether it’s Facebook, Twitter or any other social networking site.

Is your mobile phone protected from a viral attack?

With the increase in smartphone ownership expected to continue into 2011, more and more people will be using their handset to surf the web, make online purchases, access internet banking and download content such as music, videos and apps.

Most people wouldn’t consider accessing the internet from a PC or laptop without some form of virus protection software and firewall installed.  However mobile phone users will access the internet (some via wi-fi connections) from their handset without having any form of protection.

Whilst viruses, worms and trojans for mobile phones aren’t as common as those that target computers, the increased usage of smartphones will result more handsets being targeted by malicious programs. Mobile phone viruses can spread through e-mail attachments, downloads, Bluetooth transfers or by simply by receiving a multimedia message containing a virus.  

Viruses can be written to do a number of different things to your handset, from sending all the data stored in your phone back to the source of the virus, causing your handset to run up a huge bill you are unaware of.  

For example, one particular virus has been discovered where once it has integrated itself into the mobile phone handset, sends a constant stream of text messages to premium rate phone numbers owned by the criminals who wrote the code, running up a huge phone bill.

Here are some tips to help prevent your smartphone from becoming infected by a virus:

• Only open e-mail attachments where you know what the attachment is and trust you received it from
• If you’re downloading apps, do this from the app marketplace that runs on your operating system.  All apps should be checked before becoming available on the marketplace
• Don't leave your Bluetooth set as discoverable to all.  This way people trying to Bluetooth viruses won’t be able to access your handset
• Be wary of which websites you access and anything you download
• Install some protection software onto your device.

Plastic more popular than cash

So, it’s official, for the first time plastic is more popular than cash.

It’s been on the cards for a while - the inexhaustible rise in the use of debit and credit cards to pay for goods and services at the expense of cash.

There is no doubt faster payments have helped facilitate this alongside the fact that consumers no longer feel awkward about producing a debit card to pay for some bread, milk and the local paper. Years ago, there would have been a collective groan if you’d have produced a plastic card at the checkout for such purchases, but today, it’s a common sight.

So what are the figures?

Spending on debit cards reached £272bn in the 12 months to October 2010, figures from the UK Payments Council show. Spending on cash stood at £269bn over the same period.

Spending on credit cards remained steady, but there was a further decline in the number of cheques written.

There were 1.6 million more transactions on debit cards every day between July and September compared with the same three months a year earlier. The amount spent rose by 11%.

Technology is bound is play a further role in the demise of cash. Whilst many people find carrying cash a hassle, the increasing use of contactless payments utilising ‘tap and go’ technology, is generally recognised as the future of payments, further accelerating non-cash payments. According to the UK Cards Association, in the UK approximately 9.6 million credit and debit cards have been issued with contactless functionality (July 2010) and there are 27,000 contactless payment terminals (July 2010), so this technology is gaining momentum.

We also have the prospect of contactless technology being placed in everyday items such as mobile phones. This convergence of applications will happen because it’s convenient and consumers like anything that makes their lives easier.

If like me, you also object to paying £1.50 to get your own cash out of an ATM, you’ll be quite happy to embrace this new technology and the demise of cash.

Is there a downside of only using plastic to pay for goods and services? Well, it makes us more reliant on one form of payment and if we lose or have our cards stolen, we could be left without any access to cash. Failure to cancel any lost or stolen credit card or debit cards could also see fraudsters hijack and empty our accounts.

Some people are also concerned that contactless card payment leaves us open to ‘tap and go’ fraud as Chip and PIN verification is not required on items under £15, although a PIN will be needed to reset the contactless card once a £50 limit is reached.

Whatever the pros and cons of such technology, it’s clear consumers today feel comfortable using plastic to pay for even the smallest transactions and consider cash quite burdensome. The question we have to ask ourselves is whether cash will ever be completely phased out, or whether it will always have a place in society.

My bet is on cash going the same way as the soon-to-be retired cheque; well eventually!

Lose customer data and face a substantial fine

After literally hundreds of data breaches over the past couple of years, the Information Commissioner’s Office (ICO) has finally used its powers to fine organisations for breaching the Data Protection Act (DPA).

The casualties of this new found determination to do something about the continued loss of data are Hertfordshire County Council who had to pay a £100,00 fine and employment services company A4e with £60,000.

The A4e fine is particularly interesting because it involved the loss following a burglary at an employee’s home where a laptop containing full names, dates of birth and postcodes was stolen. According to media reports, the files were not encrypted meaning identity fraudsters could have opened them after cracking the main passwords.

The continued failure of many public and private sector firms to take data protection seriously is surprising given some very high-profile media reports of data breaches and institutional data theft.

Earlier this year, CPP looked into the issue of data protection and the findings clearly showed that there was limited awareness of the principles of the DPA 1998. In fact only 37% were aware that processing of personal data required registration with the ICO.

The requirement to process personal data fairly and lawfully is set out in the first data protection principle and is one of eight such principles at the heart of data protection.

Principle One of the DPA means that organisations must have legitimate grounds for collecting and using personal data, must not use the data that would have unjustified adverse affect on the individual, be transparent about how they use the data and give the individual appropriate privacy notices when collecting their personal data. In addition, organisations must handle people’s personal data only in ways they would reasonably expect and make sure they do not do anything unlawful with the data.

Furthermore, our findings found out that only half of SMEs have someone responsible for data protection with a quarter not knowing the answer to this important question. When we investigated employees’ access to data the results were equally shocking:

• 13% have no measures to protect sensitive electronic data
• 24% leave sensitive information in unlocked filing cabinets
• 61% don’t encrypt sensitive data
• 21% do not have password protection on sensitive documents
• 84% do not have anti-virus software installed on PCs
• 83% do not have firewalls installed
• 61% do not have employee training on data handling
• 67% do not have a data handling policy.

Despite these findings only a fifth (22%) of businesses considered their company at risk from corporate identity fraud.

What is evident is that there is a market in sensitive company information, despite data protection legislation. News stories of criminals paying rogue employees to forward customer’s financial information have been reported with individual records passing hands for as little as £5.

So what should companies do?

Companies of all sizes should develop policies to secure data and access to data. Sensitive company documents should be kept in a secure place with limited access to key employees and securely destroyed before disposal. Similarly, procedures relating to the access and use of data held electronically should be developed including mobile devices and storage (smartphones, USB/mobile disk storage), laptops, web access and e-mail.

If companies fail to do this and continue to lose our data, then the ICO will have no option but fine more companies for losing our data. If this is the case, they will certainly have the support of the general public. In a recent survey by LogRhythm, 80% of people said firms culpable should publicly declare data loss incidents. Furthermore, 62% felt that organisations should receive large fines and 31% of respondents thought the offence serious enough to see company directors subjected to criminal proceedings.

As with many things in business, change is usually affected by money, or in the case of the ICO a whopping big fine.

Online Christmas Shoppers Beware!

Are you all ready for Christmas? Have done your Christmas shopping already? If so, were you one of the millions of people who went online earlier this week to do their Christmas shopping as Manic Monday gripped the country? It was reported earlier this week that Monday 29 November was Britain’s busiest shopping day online. Visa Europe said they were expecting 3.8m purchases worth £265m to be made using Visa cards on Monday alone! Kelkoo, the shopping comparison site, also reported that online shoppers were expected to spend £537m on Christmas gifts.

But if like me, you haven’t done your Christmas shopping yet, and are planning to stay warm by shopping online to find those perfect presents (especially when it’s so snowy outside), then I thought it helpful to remind ourselves of some top tips to remain vigilant against the dangers of online fraud.

Unfortunately online fraud is a growing problem. Research by CPP earlier this year showed us that there is a victim of online fraud every seven seconds, with the average victim losing £285. To corroborate our own research, according to the interim 2010 half-year card fraud figures from Financial Fraud Action UK, the number of phishing attacks increased 21 per cent to over 31,448 separate types of attacks.

So to keep safe and vigilant against these threats, what do we need to look out for when searching, shopping or browsing online? One of the most important tips is to remember to always shop on secure websites. This means websites that have a small padlock symbol in the right-hand side of the address bar that encrypt any sensitive financial information that you input. Websites that start their web addresses with: https//www. means the website should be trusted and is secure. If we do shop on unsecure sites, we could be putting ourselves at risk of card-not-present fraud, where card details could potentially be used by fraudsters to take out good or services in your name. Not the Christmas present you had in mind, I am sure.

Another important tip is to always log out of sites once you’ve finished shopping. If it’s a shared computer you use, that means other people cannot go on and use your log-on details to buy their Christmas presents. And as an extra measure of security, if a website offers you the chance to use Verified by Visa or MasterCard SecureCode, then use it. It’s easy-to-use and adds another level of verification, which means you’re better protected against others gaining access to your personal card details.

Web fraudsters are becoming increasingly sophisticated and unfortunately Christmas shoppers are a prime target, particularly due to the volume of sites we are likely to visit in the search for that perfect present. While we’re all counting down the days ‘til the holiday season, it’s also time to remember those important tips for shopping safely online, so here are CPP’s top tips for shopping safely online:

• Install anti-virus protection, which scans for malicious files that give the PC or notebook a virus
• Install anti-phishing tools, which identify phishing e-mails and links that trick users into giving away private information
• Install an active firewall, which updates and upgrades automatically, preventing hackers from gaining access to a PC or laptop
• Keep your personal information safe. If someone asks for your personal details ask yourself why they would need them – particularly for online enquiries
• Don’t write down PIN numbers, passwords, user names unless you absolutely have to do so, and if you do, keep them to yourself
• If you store personal information on your PC, install up-to-date security software
• Remember the golden rule: identity thieves are experts at spotting an opportunity to steal your identity and all they need are a few personal details so look after them!

Do you know what a ‘supercookie’ is?

In this week’s media monitoring, we look at Data Loss and the results of a survey on what to do when a company loses data.

Also in this week’s post: Debit card spending increases for the first time in a year whilst cheque writing declines.  

The latest information on ‘supercookies’ reveals how product advertisements appear after you’ve been browsing the internet for a few hours.


Media Monitoring 29th Nov - 3rd Dec 2010

According to research by log analysis and management business, LogRhythm, UK consumers want tougher regulations and penalties for businesses that lose customer data.

The results of the survey of 5,000 consumers revealed 80% of the respondents felt that there should be a law to force companies to declare data loss incidents.

In a blog post by Nick Jones on how Data loss affects our personal lives, Nick explains how you can monitor your identity.

http://www.computing.co.uk/ctg/news/1906873/80-percent-uk-consumers-support-tough-style-protection-laws

-

Many major websites now set cookies to track what you do over time on your PC.  After a certain amount of time, these ‘supercookies’ develop a profile which becomes your digital footprint.  

You may have noticed this on websites such as Amazon, Hotmail, Ebay or Facebook, that particular brand advertisements begin to appear, which related to other websites you visit.

The New York Times reports, “Advertisers are increasingly using powerful software known as ‘supercookies’, such as so-called Flash and document object management (or DOM) cookies, which can hold more information, and Web bugs or beacons, which let sites record statistics like what ads attracted you to the site and whether you bought something. They are not removed when you clear out your cookies.”

http://www.finextra.com/community/fullblog.aspx?id=4768

-

According to recent data from the UK Payments council, UK consumers have spent more on their debit cards than cash over the course of 2010.  

The statistics which are released every 3 months showed spending on cash totalled £269bn and debit card spend totalled £272bn.  Whilst the data showed credit card spend remained stable, cheque usage declined further.

Why not check out CPP’s top tips on avoiding card fraud when using your debit and credit cards.

http://www.bbc.co.uk/news/business-11901953

Be wary of card fraud during the Christmas season

Whether you love it or loathe it, we’re fast approaching the festive Christmas holidays. During this festive season, it is important that all of us remain vigilant with our belongings and we’re aware of the risks of card fraud.

Many people now like to complete their Christmas shopping from the comfort of their home, with the ease of ordered goods being delivered straight to their door.

However, in an effort to find some bargains and with the risk of presents not being delivered on time, many consumers are still hitting the high street. So, it’s important that when out Christmas shopping, people are aware of the risks of having their cards lost or stolen, and the consequences this means for them.

As we get closer to Christmas, we sometimes become a little stressed or worried about finding that perfect gift – but in turn, this means we become less careful with our cards. Whilst not all lost cards will result in fraud, opportunistic thieves will use the Christmas holiday period to do their own shopping.

As well as the risks of card fraud at Christmas, it is also hugely inconvenient to have to cancel all of your cards and wait for replacements. It’s important, in the run up to Christmas, that we keep an eye on our cards to make sure Christmas shopping is stress free and to ensure we are only paying for presents you know about.

Tips for keeping your cards safe at Christmas:
1)    Don’t take all your cards with you when you’re Christmas shopping – only take with you the cards you’re likely to need.
2)    Make sure your bank has the correct contact details for you – this will allow them to contact you quickly if your card is compromised.
3)    Make sure you put your cards away safely after every transaction – don’t carry your cards loose in a pocket as this can make them easier to steal.
4)    Don’t leave any bags or belonging unattended whist you’re out shopping.
5)    Don’t write down your PIN number – if your cards are lost or stolen, this can increase the risk of card fraud happening.
6)    Finally, check all of your statements thoroughly when you return home to ensure that all transactions are genuine.

How is card fraud committed?

Card fraud can be commited in numerous ways, so its always important to follow our top tips on preventing card fraud.

Here are types of card fraud to be aware of:

Theft of a card
Your cards are among your most valuable possessions. Most wallets and purses contain thousands of pounds worth of credit in the form of plastic cards. That's why they are prime targets for thieves.

If a criminal steals your card, or finds a lost card, he or she can use it to purchase goods and services in your name. Chip and PIN technology prevents most face-to-face purchases being made, but online purchases and telephone orders do not require a PIN number and can easily be carried out by criminals using stolen cards and a few of your personal details (see Cardholder-not-present fraud).

Cardholder-not-present (CNP) fraud
This is now the biggest type of fraud in the UK, accounting for 60% of all card fraud losses during 2009 (CIFAS, January 2010).   It is perpetrated when criminals use stolen cards or card details obtained illegally to buy goods and services over the internet, by telephone or by mail order.

It is a difficult type of fraud to combat because neither the card nor the bogus cardholder is present at the point of purchase. It means that online stores and mail order firms are unable to check a card's physical security features or to ask for a PIN number. In addition, card issuers are unable to guarantee that the information provided in cardholder-not-present transactions has been given by the genuine cardholder.

Account takeover
This is a type of identity fraud. Criminals may obtain some of your personal details fraudulently, such as your full name, address and date of birth, and use them to assume your identity. By pretending to be you, they may be able to take over the running of your bank account and arrange for payment to be taken from your account. They may also change some of your details, such as your address, so that they can have newly issued cards and cheque books sent directly to them.

Card trapping
A criminal inserts a trapping device into a cash machine (ATM) card slot which retains the card inside the machine. The criminal, waiting nearby or in the queue, offers to help when an individual's card is retained. The fraudster advises them to re-enter their PIN, which the criminal observes. The card is not released, so the cardholder gives up and leaves. Then the criminal removes the device with the card inside and uses it and the PIN number to withdraw cash or make other purchases before the card is cancelled. 
 

ATM fraud and Christmas shopping scams revealed in the news this week

In the media this week:

Being vigilant and taking care when using cash machines has featured in the Daily Mail and Thisismoney.co.uk this week.  Whilst the warning of new online scams to gain identity details through copycat websites is revealed.


Card fraud experts warn how thousands of people are at risk of ATM fraud because of the difficulty in being able to tell if a cash machine has been tampered with.

According to machine network Link, approximately £36m was withdrawn fraudulently from cash machines last year and 259 machines were tampered with by criminals.  

Kerry D’Souza, CPP Card fraud expert said, “This is why it is very important to shield your Pin whenever you use a cash machine.”

http://www.thisismoney.co.uk/savings-and-banking/article.html?in_article_id=518822&in_page_id=7&ito=1565

-

Criminals are using copycat websites to offer consumers low prices for the latest gadgets and phones according to e-crime expert Jennifer Perry.  Tell-tale signs of scam websites include:
•    No physical address
•    Contact telephone numbers starting with 070.

The UK’s number one crime fraud authority Action Fraud warned that if you fall victim to ‘purchasing’ from a fake website, once you have given your details, criminals will trade these details time and time again.

http://www.metro.co.uk/tech/848298-ipad-ipod-and-mobile-phone-scams-warning-for-christmas-shoppers#ixzz16Hliu1AL

-

Wi-fi data collected by Google during the ‘StreetView’ project will be deleted as soon as possible according to the BBC.  David Smith, Deputy Information Commissioner told the BBC that the information which was accidentally collected had not ‘fallen into the wrong hands’, such as identity thieves.

CPP have highlighted the need for UK residents and businesses to ensure wireless networks are secure.  The BBC reiterated this message this week targeting smartphone users.

http://www.bbc.co.uk/news/technology-11797907

Beware of the Christmas gadget scams

Everyday people fall victim to scams and unfortunately Christmas is also a time of joy for identity thieves. With Christmas coming, you have a lot of shopping to do and festivities to celebrate. No doubt you’ll use your credit and debit cards more often and receive more post and packages than usual – giving identity thieves more opportunities to steal your identity.

This Christmas shoppers are being warned to be on the lookout for online and postal scams, especially ones with iPods, iPads and mobile phones.

Criminal gangs continue to get more sophisticated to con their victims out of millions of pounds; using slickly designed websites and even employing psychologists to write emails to potential victims.

Gadgets and phones are being offered at low prices to tempt consumers into entering their email details, an address, password and card numbers.

‘Some retailers make 80 per cent of their year’s money during the five weeks before Christmas. The statistic would be the same for online criminals,’ e-crime told Metro (24th November, 2010). ‘Sophisticated gangs have many staff; they’re not just some kid in a bedroom trying to make a few quid.’

Tell-tale signs of scam sites include no physical address for the supposed retailer and contact telephone numbers beginning with 070.
Action Fraud, Britain’s national fraud-reporting centre, said 30,000 people had contacted it in the past month.

And the National Fraud Authority warned: ‘If you are defrauded, your personal details can end up on a “suckers list”. They can then be traded by criminals and used again and again.’

Stay safe online
Here’re some hints and tips to help you stay safe online at Christmas:

• Always check the reliability of any emails you receive. If they seem to be from your bank or an online shop, do not click on any links within the email. Instead, contact the company the email claims to be from to check its validity. Banks will never ask you for any personal information via an email.
• Make sure that you have proper anti-virus, anti-spyware and other security software installed on your computer and that you keep it up to date.
• If you run your mouse over any links in an email message, its address will appear in the bottom left-hand corner of your monitor. If this address does not tally with the company the email purports to be from, it is likely to be a phishing email.
• When shopping online, make sure you only use reputable sellers. Look for evidence of a physical address on their website, as well as telephone numbers. Be particularly cautious when buying from overseas companies. Make sure you pay using a secure online payment system that offers some protection against non-delivery.
• When making payments online, use well-known firms such as NoChex, Moneybookers.com or PayPal.
• Do not use public wi-fi zones or shared computers for internet shopping or banking.
• Change all of your passwords regularly, and make sure that they are sufficiently complex, incorporating a mix of letters, numbers and cases.
• Look for web addresses that begin with 'https' or have a padlock symbol displayed next to them. You can be sure that these sites are secure.
• Do not reveal personal details on social networking sites, especially your full name, date of birth, address or phone numbers. Your real friends will already know these. 

The global rise of information theft

Kroll, the world’s leading risk consulting company, recently released their annual Global Fraud Survey, of 800 worldwide senior executives across a broad range of industries and functions, which shows that the theft of information and electronic data has seen an increase from 18% in 2009 to 27.3% this year.

Big deal! Theft of information is high profile so why is this news? Well for the first time in the four years the report has been published; theft of information and electronic data overtook physical theft as the most frequently reported fraud.

The impact on some industry sectors was seismic with the likes of financial services (42%, up from 23% the previous year), professional services (40%, up from 23%) and Technology, Media and Telecoms (37%, up from 15%) all suffering. The main reason for the level of impact on these industries is that they are information rich which equates to a fraudsters paradise.

Obviously with such an impact you would expect these companies to have the relevant preventative steps in place? Well while all the companies participating in the survey acknowledged the ever increasing severity of the problem a whopping 77% of respondents believe that their companies are vulnerable to information theft. Further concern comes across that the likes of Financial and Professional Services both indicated that it is their greatest weak spot!

In the UK we have seen a similar response to the issue of company identity theft where when we have questioned small and medium enterprises (SMEs) the lack of preventative measures and understanding of the impact led to the following insight:

•    One in five SMEs (22%) admits they may be vulnerable to corporate identity fraud due to lax procedure and protocol including:
o    47% who said their current employees have access to sensitive company data.
o    61% that don’t encrypt company data.
o    22% that allow employees to take sensitive documents out of the office.

The cost to the 100,000 UK SMEs who have reported that they were defrauded has been £1.3billion and this figure is expected to rise going forward. To see the full article click here.

So what can businesses do to combat this:

CPP’s ten-step guide to beating the ID thieves:
1.    Check with Companies House that your business’s details are accurate
2.    Enrol for the PROOF WebFiling scheme and sign up to the alert system which will warn you of any changes to company details
3.    If you receive a call claiming to be from Companies House contact the organisation directly to verify its authenticity. NB. Companies House personnel never contact directors by telephone asking them for their security codes
4.    Do not rely on Companies House records alone in determining whether to lend goods or services on credit – it is not a credit reference agency
5.    Limit employee access to sensitive company information
6.    Destroy all sensitive company data securely before disposal
7.    Password protect or encrypt all electronic versions of sensitive company documents
8.    Do not allow employees to take sensitive documents out of the office in printed format or on unencrypted USB sticks
9.    Keep all hard copies of sensitive company information under lock and key
10.    Ensure you check personal credit reports, business and personal bank accounts and invoices thoroughly. If you are unsure of any transaction, contact your bank immediately

So is this rise a one off or is it truly a reflection of the evolution of the fraudster as a “digital thief”? Well expectations are that next year’s report will show an even higher prevalence of information theft and as long as the current levels of apathy towards being proactive remain then the business community should expect nothing less.

UK’s mobile wireless networks open to attack

Following an investigation by the BBC’s Technology Correspondent, Rory Cellan-Jones, which reveals that many smartphones are vulnerable to cyber attacks, life assistance company CPP warns consumers to be vigilant against the growing threat of “Wi-jacking”.

A live experiment conducted by CPP recently revealed the dangers of accessing the internet over publicly available networks via smartphones.

An ethical hacker was able to harvest usernames and passwords from unsuspecting smartphone users at a rate of more than 350 an hour, by sitting in town-centre coffee shops and restaurants, using readily-available software.

But despite the risks, many smartphone users remain ignorant to the dangers to which they are exposing themselves, as research reveals that the vast majority aren’t aware their phones will connect to vulnerable public networks automatically.

Further research by CPP on Wi-jacking shows:

•    A typical password can be breached by hackers in less than five seconds
•    Despite this, 82% of people think the networks they use are secure
•    37% believe that if the network they use is password protected, it is secure

Michael Lynch, identity fraud expert from CPP, says: “The BBC’s experiment has revealed the vulnerabilities of smartphone use. Mobile users need to be aware that modern smartphones store lots of personal and sensitive information, so they should ensure their personal data is protected”.

CPP’s top tips on using wireless networks safely:
1.    Use encryption on your wireless access points (WAP) - Make sure you have Wi-Fi Protected Access 2 (WPA2) - the latest security standard introduced by global, non-profit industry association, the Wi-Fi Alliance
2.    By implementing a Virtual Private Network (VPN) you can create a secure wireless network.  This is achieved by encrypting all of the data that passes over the ‘insecure’ network so that it cannot be accessed by an eavesdropper
3.    Install a firewall on any network you use (an electronic barrier that sits on a network server and protects the PCs hidden behind)
4.    All wireless routers should have obscure IDs. Rather than put in any real information that can make it clear who owns the connection or that can reveal your location or business name, use something common like “wireless” or “router 1” that doesn’t give away anything critical
5.    Try to position access points, which transfer data between your devices, away from the outside wall of your building to minimise leakage of radio signals. This limits the chances of interception from outside
6.    If you run a business, don’t allow employees to add access points without your authorisation
7.    Be aware of what information you are accessing online, specifically when using public hotspots. Remember that any information you submit, including usernames and passwords, can be read by others
8.    Make sure you check your bank statements regularly to monitor for suspicious transactions
9.    Remember the Golden Rule: Identity thieves are experts at spotting an opportunity to steal your identity and only need a few personal details
10.    If you want more information on how to protect yourself or to see how CPP’s Wi-jacking experiments worked


For more information on CPP’s wireless networking experiments go to http://www.cpp.co.uk to get a copy of CPP’s ‘UK Wireless Network Hijacking’ white paper published in October 2010.

Contactless card technology expands and Get Safe Online warn of malicious software

Media monitoring this week highlights the top 12 fraud scams for Christmas 2010, the fact more retailers are using contactless card technology and also how UK internet users are warned of the threat of direct debit fraud from cold callers.

A warning to UK internet users has been issued by campaign group, Get Safe Online.  The warning comes as a quarter of people questioned by the Government  backed internet security firm, received calls to offer to fix viruses but install software to steal personal information.

The BBC reports that earlier this year Google warned of massive amounts of malicious fake anti-virus software it had revealed.

http://www.bbc.co.uk/news/uk-11754487

-

Contactless card technology is being introduced to Clinton Card retail stores throughout November in Liverpool and London.  The UK’s largest retailer of greeting cards is going contactless with RBS WorldPay, and is hoping during peak periods such as seasonal shopping that queues will be reduced.

Find out more about: What is contactless card technology?

http://www.finextra.com/news/announcement.aspx?pressreleaseid=36741

-

Home insurer LV= commissioned a study to discover how many people had fallen victim of direct debit fraud.  The study revealed more than 97,000 Britons had been conned by fraudsters taking regular payments from their bank accounts via direct debit.

http://www.metro.co.uk/news/847708-100-000-britons-are-hit-by-direct-debit-conmen#ixzz15iVsqtob

-

McAfee, Anti-virus software security company is warning customers about offers too good to be true in the run up to Christmas.  Published on the Independent online, the 12 scams of Christmas include, iPad offers, fake gift cards and malicious greeting cards.

Look out for our top tips on avoiding card fraud this Christmas.

http://www.independent.co.uk/life-style/the-12-scams-of-christmas-2010-2135627.html

New ground-breaking crime reporting system Facewatch teams up with CPP

The following blog was written by Simon Burgess, Managing Director of Facewatch Ltd

Thursday November 18th marks the launch of Facewatch the new ground-breaking crime reporting system which aims specifically at low-level crime such as shoplifting, bag and wallet thefts.

 The internet-based system links bar, pub, shop and restaurant owners to the police and also allows them to share information in real-time. It also acts to deter potential criminals from entering Facewatch members’ premises.

The partnership with CPPGroup plc (CPP) is one of the most positive features of the system.  

The fact that a victim of crime at such an emotional and sometimes vulnerable moment will have their biggest worry- that someone is using their cards and perhaps even their identify to commit further crime- taken care of 24/7 by CPP is proving to be one of the biggest attractions of the Facewatch system.

Facewatch, which will be used for the first time in Victoria’s Business Improvement District, was originated by Simon Gordon who owns and runs Gordon’s wine bar , the oldest (and busiest) in London (http://www.gordonswinebar.com).

If a crime is committed in a shop, bar or club, staff fill out an incident form online immediately, which is uploaded to the police. Staff also upload images and video from their CCTV system, which acts as vital evidence for police.

This speeds up a process which can currently take many days into minutes. It saves time and money for business and the police.

The incident reports can also be viewed by other Facewatch users to alert them to activities such as bag theft and shoplifting.

CPP’s Identity Fraud expert, Michael Lynch said: “Facewatch is a great example of technology leading the fight against opportunistic and organised crime – like our card protection service, the speed at which Facewatch operates puts the criminal on the back foot and reduces the likelihood of further criminal activity once the crime is reported to the police.”

Facewatch is unique in that it gives victims of crime an instant crime reference number, allowing them to work more quickly with their insurance companies to cancel cards or phones.

Current users include Pret A Manger, The National Gallery, Sainsbury’s, Boots, Punch Taverns, Pacha Nightclub and many other high street names.

Simon Gordon says: “Before Facewatch existed I felt incredibly frustrated that little was being done to protect my customers from bag and other thefts.

“Now we have not only reduced theft dramatically but when it does occur we can offer our customers real assistance by taking away the hassle of crime reporting and providing them just one point of contact (CPP) to cancel all their cards and provide security support. That way they can get on with enjoying their evening literally within minutes of reporting the crime to us.”

Why UK consumers should use credit reports more often?

We all know about identity fraud and the various ways this can happen, but what about the tools to fight identity fraud?

Well, there are industry measures in place to stop people’s identities being used fraudulently like the work of the Dedicated Cheque and Plastic Crime Unit and CIFAS, the Fraud Intelligence Sharing System and the banks use of intelligent fraud-detection systems, but we all know that consumer responsibility is also critical in prevention of this growing crime.

One of the ways consumers can take responsibility is through proper management of their credit report, which is widely recognised as a valuable prevention weapon in the fight against identity fraud.

In the UK however, we seem to have a bit of a problem in using this useful monitoring tool. Recently CPP Group Plc (CPP), questioned over 2,000 UK adults and we found some interesting, if not alarming, statistics.

The first point of reference was that almost 900,000 adults had their credit rating damaged by identity fraudsters, and that it took on average just over 400 days to nurse a credit file back to full health, with 50% of adults not getting the problem corrected or having no idea if their credit status is back on track.

Secondly, and perhaps more worryingly given some of the latest identity fraud statistics published by the National Fraud Authority that 1.8 million people are adversely affected by identity fraud every year, is that only 4% of us bother to check our credit reports on a monthly basis as recommended by experts, and half of people admit they have never checked their credit report, ever. Four per cent of people said they didn’t even know what a credit report is.

Not surprisingly, the majority of people only found out they had a bad credit rating when it really mattered; when they applied for a mortgage, loan or credit card.

So, we have widespread ignorance in the UK about the use of credit reports and what they can do to protect consumers.

The inherent value of regularly checking your credit report is clear when you consider that Experian has said “victims of fraud typically only discover the fraud when they review their credit reports. In 2009, nearly three in five of victims discovered that their identity had been compromised by checking their credit report.” (Source: The Insight Report – Victims of Fraud survey – March 2010).

So, what are the consequences of having your credit rating wrecked by identity fraudsters?
•    Well, nearly half of our survey said it cost them financially, with the monetary repercussions averaging over £7,000 enough to put many people in serious financial difficulty.
•    Costs included individuals losing out on low interest credit cards and loans (48 %)
•    20% refused a mortgage
•    10% lost earnings
•    Whilst, one in twenty (5%t) had to pay legal fees.

It’s not surprising, therefore, that a damaged credit status has an emotional impact with stress, strained personal relationships, sleepless nights and time taken off work quite common.

It’s also clear, despite huge media attention over the last five years, that consumer ignorance is playing a role in helping identity thieves go undetected. The vast majority of people still have no qualms supplying their personal data online, including names, dates of birth and addresses, where it is visible for all to see, and use.

With credit reports being such a useful prevention tool, we need to encourage more people to adopt a proactive stance to using them on a regular basis, in order protect their identities and ensure they are not a weak part of the protection chain.

Education to force a change in behaviour is what’s required to tackle this problem.

How secure is your data on private sector organisation databases?

Identity fraud remains a key component in the media this week – 8th to 12th November.  An important revelation from Women in Technology shows private sector businesses are more complacent with data security than public sector organisations.

Also in the news this week, how credit card cloning causes upset and unrest to its victims, Catherine Moran tells her story in The Mirror. Also how online consumers are pushing Ecommerce businesses to catch up with demand.


According to the Information Commissioners Office Public sector businesses are more aware of data protection principles than Private sector companies.  Simon Heron - Internet Security Analyst at IT security managed service company, Redscan, suggests that motivation from the private sector is lower than public sector.

This highlights the need for identity protection insurance and the need to be more vigilant when using online services and checking emails.

http://www.womenintechnology.co.uk/news/private-companies-less-aware-of-data-protection-than-public-sector-news-800227250


Using credit and debit cards abroad always poses a risk of fraud.  Finding out weeks after you return that your card has been cloned and £8000 has been spent of your hard earned cash, is what happened to Catherine Moran on her recent holiday to Cuba.  

Ms Moran’s card was cloned and only found out when her card was rejected a week or so after her return to the UK.

http://www.mirror.co.uk/news/top-stories/2010/11/10/conned-by-cuba-crooks-115875-22705466/#ixzz14s7bB0qw


Ecommerce technology is developing at pace due to unprecedented consumer demand.  Shoppers want an easy buying process with social engagement along with a cross-channel shopping experience, however online fraud is still a major threat.

BRC Fraud and E Crime Group chairman Mike Wyeth says 'middleware' that sits on an etailer’s server can pick up suspicious behaviour based on ‘device fingerprinting’ and cross-merchant transaction comparison. “So if the same device is being used but with multiple credit card account details in a short space of time you know that action needs to be taken,” he says.

http://www.retail-week.com/careers/etail-power-list-2010/whats-hot-in-etail/5019205.article


Identity fraud remains rife, according CIFAS’s 265 member organisations data.  Products targeted by fraudsters demonstrate how fraud adapts to economic conditions.

http://www.securitypark.co.uk/security_article265484.html

‘The future of ID fraud’ by Nick Jones explains how identity fraud evolves with society.  

Card Fraud Abroad

We all look forward to an enjoyable summer holiday, however, even when we’re relaxing, we need to be aware of the threats of Card Fraud.  Making sure your money, credit cards and passport are safe is important in reducing the risk of fraud abroad as cards that are stolen could be used to make fraudulent purchases.  Lost cards could also be used in this way if they are found by card fraudsters.  So it is important, try to keep your money and personal belongings safe.  

There are a couple of common scams to be aware of – if you keep your wits about you, you can help prevent yourself from becoming a victim.

One common tactic that can be used by fraudsters whilst you’re abroad is to double charge a customer on a transaction. This involves a cashier claiming that there has been an error with a transaction and re-charging your card.  However, in fact you have been charged twice for the same transaction.  Ask the cashier for the cancellation confirmation from the first transaction so you know you’re only paying once.

Secondly, you need to be as vigilant with your credit cards on holiday, as you would be at home. Don’t allow a waiter or shop assistant to walk away with your card when making a purchase.

In 2009, fraud abroad cost the UK approximately £122.7m, but the good news is that we did see a fall, mainly the result of banks fraud detection system that looks for unauthorised spending on cards.  In countries where Chip and PIN is used, fraud abroad has decreased, but in countries yet to use it as a means of verification the figures are increasing.  So be aware if you are travelling to the USA for example, as they still rely on old fashioned signature to authorise payments at the till.

Here are some top tips for avoiding Card Fraud Abroad:
1.    Notify your banks that you will be using your cards abroad – your bank will then know to expect foreign transactions on your card
2.    Make sure your bank has your up-to-date mobile phone number so they check with you that transactions are genuine
3.    Only take with you bank cards that you’re likely to use – ask yourself if you really need to carry every one of your store cards abroad with me?
4.    While you’re out, keep your cards and documents locked away in your room safe if one is provided
5.    Always check your receipts against your bank statement when you return home to make sure you’re only paying for the items you have purchased abroad.

Why check your credit report?

Would you know if your identity had been stolen and was being used by criminals? For most people, the answer is no. Not until it's too late. It can take over 13 months to realise your identity has been stolen (Experian, March 2010) and with cases of identity theft continuing to rise at an alarming rate it’s essential that we take precautions to protect our identity.

One of the most effective ways of spotting whether you’ve been a victim of identity fraud is to regularly monitor your credit report. Your credit report is a document that shows when and where credit has been taken out in your name. Experian reported that 61% of victims of ID Theft found out through accessing their credit report (March 2010).

When you check your  credit report you need to ensure your details are up-to-date and that everything is as it should be. If there are any names that appear that you don’t recognise, this could mean someone is posing as you. If there are any credit or loan agreements you don’t recognise, you could be a victim of identity theft. Contact any companies detailed in the Credit account information section to try and get full details of any accounts that have been set up in your name and to notify them of the suspected fraud. You should ask these companies to put a hold on any further action until they have investigated the account. You can also check your bank accounts to make sure you recognise all of the payments going out.

Look out for the warning signs

There are many other symptoms of identity fraud that you should look out for. These include:

• Not receiving bills, statements or other regular correspondence when you expect them. This suggests that a thief could have given a different address in your name or had your post redirected
• Receiving credit cards that you haven't applied for
• Having credit or loan applications unexpectedly refused
• Receiving correspondence or calls from debt collectors relating to items that you haven't purchased
• Have you moved recently? If so, make sure you instruct the Post Office to redirect your mail to your new address for at least a year. Notify your credit card company, bank, and any other organisations that you deal with as soon as possible.
• Are you on the edited electoral roll? Opting out of having your details on the edited electoral roll can help to keep your details safe. This won’t affect any applications for credit.

Remember to stay vigilant and to protect your name. Don’t forget your credit status is affected by your financial associations. If someone is listed on your credit report that you don’t recognise this could be a sign that your details are vulnerable. Read more about protecting your identity.

Does contactless credit card technology mean for the end of cash?

As consumer behaviour and spending habits have changed so too has the way in which we purchase good and services. Cash is no longer king, as cards control our wallets.

Although cash, in one form or another, has been around for more than 3,000 years in today’s world it is becoming less and less popular. The UK Payments Council reported a fall in cash transactions from 73% in 1999 to 59% in 2009, and in the same period debit card spending rose from £65bn to £264bn.

“Contactless technology” driving change
Things will continue to evolve with the growth of new "contactless" technology. This sees us being able to make low cost purchases with just a swipe of a card past an electronic reader. There are already about 10 million contactless cards in circulation, and it is predicted there will be four million more by Christmas 2010.

The greater convenience and speed of shopping that this technology offers are key advantages, however what would happen if your cards fall into the wrong hands? Is there an increased risk of card fraud?

A spokesman for Barclaycard said the payment method is not only convenient but safe as individual purchases are limited to £15. To prevent a thief going on a spending spree with your card, you will be asked to enter a PIN if a certain number of transactions or amount of spending has been hit – typically after £50 of spending.

Mobile payment technology
Advances are also being made in the mobile world, using technology to allow you to pay for goods using your mobile phone.  

Visa is trialling this technology in Spain, in co-operation with Spanish bank La Caixa and mobile company Telefonica (owners of 02 in the UK). Around 1,500 residents and 500 retailers are participating in the trial that sees the residents using mobile phones embed with a chip similar to that in a debit/credit card. The retailer keys in the amount to be debited, and if the total is less than e20 the customer simply holds their phone next to the terminal. Bank details are transmitted and a tick appears on the phone's screen when the transaction is complete. For more expensive purchases a PIN number is still required and, as with contactless cards Visa also runs, a PIN is asked for every few transactions as a safety precaution.

Initial results of this trial look promising, with high levels of satisfaction being reported. Concerns over security are being allayed by Visa who assures customers that advanced safety features are built into its mobile payments system to combat counterfeiting of the chip, and the payment facility can also be password protected. Visa says customers will be reimbursed for unauthorised payments in between the theft of the phone and reporting it to the bank, if they can prove payments were fraudulent and that they were not negligent with either the phone or their bank details.

So although the use of cash won’t disappear over night it will certainly fade as the advances in technology continue; Apple is believed to be developing an iPhone with mobile payment technology, and other phone companies are bound to follow suit.

Do you know how much personal information about you is available online?

I’ve picked data security as a topic for my blog post because it is the nuts and bolts of stopping your identity being miss-used.  Nowadays, your personal information is stored in so many places – from your filing cabinet or computer to company databases and internet shopping sites.  

Protecting your information in the places you control is easier than those you don’t.  For example, keeping your passwords and PINs safe, ensuring your settings on social networking sites are private and not displaying sensitive information like your address or date of birth.

However, the real risk lies in your data being stored in other places that you have no control over.  As we have seen in the news recently - with the Zeus Trojan that attacked people’s computers, allowing fraudsters to access vast numbers of internet banking accounts and clear them and various job sites losing CVs - the dangers of leaving your details exposed are sometimes inevitable.  This has almost become a part of life, especially as we use the internet more and more regularly in our daily lives.

Your personal data is stored everywhere about you and it’s difficult to control who holds this information.  When Monster.co.uk and the Guardian Job sites were hacked, thousands of people’s personal data was left in a vulnerable state.  It is important to remember you can protect yourself from incidents like these by being particular about what information you share online.  

When HMRC lost a data file a few years ago, the people who were affected couldn't have done anything to stop their details from being on that data file…

Despite this, there are things we can do that make all this data storage a bit less daunting.  Knowing what to do if you become a victim of identity theft is the most important part, and preventing yourself from becoming a victim in the first place.
 

---

In this section

• Cybercrime
• CPP Community
• Card Fraud/Theft
• Data security
• Fraud
• Data loss
• Gadget
• Home Protection
• Mobile Fraud/Theft
• Legal Advice
• Media monitoring
• Identity Fraud/Theft
• Travel

Latest Articles

• CPP takes part in York Cares’ Community Challenge

•  

  This October saw members of the CPP team taking part in two community challenges to help local projects

  ...more

• Social Sites and Why You Need to Change Your Passwords Regularly

• In the space of about 24 hours, users of Last.fm, LinkedIn and eHarmony have been the victims of password theft,

  ...more

• New research finds that bank, credit card or other account fraud by a third party on increase

• Here are some helpful tips on how you can be careful with your personal information online and when mobile …

  1.

  ...more

Popular Articles

• Poll: Has your social networking profile ever been hacked?

• Social and professional networking sites are a great way of connecting with friends and like minded people. However

  ...more

• Can social media lead to identity fraud?

• Identity fraud using information from social media

  There are, apparently, over 500 million Facebook users worldwide

  ...more

• How to avoid airport stress: stay calm, plan ahead and relax in airport lounges

• You’ve squashed a week’s worth of your belongings into a suitcase, rushed to the airport in the middle of the night,

  ...more