The survey of 975 UK adults found that two thirds of respondents were concerned about identity theft, while one in four had come into contact with it.
Identity theft comes in many different forms. Sometimes ID thieves gain access to bank accounts to steal money, run up bills, launder money or carry out benefit fraud.
Others go on-line, sending spam e-mails containing viruses that access information on peoples' computers, or phishing e-mails that look like bank correspondence asking people to 'confirm' their security details.
Off-line, thieves make bogus phone calls from 'banks' requesting security details to check suspected fraud, read credit card strips to clone cards or shop on-line, and even raid bins for sensitive documents. Armed with some details, it's easier to get more.
In a practical experiment, a Which? researcher managed to steal the identity of a volunteer with relative ease – obtaining his birth certificate, his mother's maiden name, place of birth, mortgage value, a plan of where his flat is on his street, medical data and details of his shopping habits and how often he visited the gym.
An attempt to access the credit card account of volunteer Malcom Coles' (editor of Which? magazine) using this information was only foiled by the fact that Malcolm hadn't got round to telling his bank he'd moved.
"I couldn't believe how easy it was for someone else to assume my identity," said Coles. "Sitting on my desk was a folder with my birth certificate, a print-out of how often I went to the gym and my mortgage details. If this is what an amateur can do, imagine how easy it is for an experienced criminal."
"Even a simple step taken by industry to stop accepting mother's maiden name and place of birth as default passwords would be a good start, as it's too easy for fraudsters to get hold of this basic information, which is where the process of stealing an identify begins," he added.
According to Which?, there are easy ways to avoid ID fraud: