The company found that the number of alerts regarding phishing – where a hacker uses an email pretending to be from a bank or other brand holder to try and trick victims into sending personal information – rose a hundredfold in the past two years.
Examples of key-logging software, which records what keys a user presses and logs the information for use in identity theft, rose by 250% since 2004. Key-logging can allow thieves to use your user names and passwords to impersonate you to take money from your bank account, borrow money or carry out many online transactions as if they were you.
“Identity theft is a global phenomenon that threatens all of us, which means we all need to become more aware, more vigilant and less trusting to protect ourselves,” said Jeff Green, senior vice president of McAfee Avert Labs. “By learning where we are vulnerable, and how and why criminals engage in identity theft, we can then take the necessary precautions to avoid being victimised."
Not all the tactics reviewed by McAfee are technical, though. Traditional bin raking can still yield results, such as bank account details and account numbers. Other examples of carelessness which hand potential identity thieves vital information include the failure to erase hard drives on sold or thrown out computers and the too-casual sharing of email addresses.
McAfee provides guidance for computer users who want to avoid identity theft. The company says that to avoid phishing scams users should not click onto links within emails to banking or other sites, but should manually type addresses into a browser to avoid going to a site which has a spoof address.
It also says that users should use caution when using instant messaging software and when opening email attachments.
The Home Office has estimated that identity theft costs the UK economy £1.7 billion a year. Half a billion pounds of that money is accounted for by credit and payment card issuers who pay the bill when fraudulent use is made of credit cards. Around £15 million is said to be lost a year to pension funds in the UK because of identity fraud.