The impact of the recent HM Revenue & Customs security fiasco is predicted to hit individuals for some time, possibly years to come. A Times Online article reports that the high street banks fear an onslaught of bogus email campaigns if the data gets into the wrong hands. Even if the data is lying somewhere on Government property (as claimed by HM Revenue & Customs in their letter of apology to child benefit holders), unscrutables could still tap into the current identity fraud fear by sending phishing emails asking people to update their security details and thus gain access to personal data via another means.
Although the data lost by HM Revenue & Customs does not allow fraudsters to open new bank accounts (or access existing ones), security experts say that it would be safe to assume identity fraudsters could easily get access to credit card cloners and forgers - enabling them to provide the necessary documentation to banks and building societies.
One banker warned "they could post leaflets that appear to come from a customer's bank, would be able to quote an account number, be correctly addressed and could invite recipients to phone a fake call centre to apply for, say, a special offer. Once you call, they ask for your password - and bingo."
So we could be financially compromised directly by bogus call centres, less directly by fraudsters buidling on the bank account information and personal data they now have or less directly still by those exploiting child benefit holders and sending out emails that the unaware could reply to and leave themselves open to identity theft. Whichever way you look at it - this is a fraudster's dream.
A report in the Guardian warns of the ease with which fraudsters can sell on personal data on the black market. Bank account details - name, branch, account number, sort code and internet login can be exchanged for as litte as 75 dollars a time. One seller was quoting a 1% commission based on the current bank account balance in question (a Halifax account). The seller boasted that the account could be virtually cleared before either the account holder or the bank were aware of the theft. One source of the illegal acquisition of data was tracked to a website registered to the Cocos Islands in the Indian Ocean. The "sales people" were contactable via email - routed via USA and Russian-based servers, and using an instant messaging service (ICQ) that immediately deletes messages. One identity theft expert, Daniel Harrison even compares the exchange of personal data to "an underground eBay".
The only comfort from this picture of doom comes from Brian Mairs, spokesman for the British Banking Association:
"Customers have every right to be concerned and this is a double whammy for them after the bad news from HM Revenue and Customs earlier in the week. But they have the assurance that they will not lose out financially if they have not been responsible for the data being compromised."
If you have any concerns relating to the recent HM Revenue & Customs data loss, visit their website at http://www.hmrc.gov.uk/childbenefit/update-faqs.htm
The Times Online website also has a useful Question and Answer section: http://business.timesonline.co.uk/tol/business/money/consumer_affairs/article2914369.ece
privacy and cookies policy