Web sites in their thousands selling on customer data

Powered by SC Magazine
 

Subscribers conned by smallprint conditions.

More than 4,000 so-called legitimate sites worldwide could be selling on subscriber or user data without the knowledge of their users, according to identity theft prevention firm SentryBay.

The UK-based firm's chief operating officer Marcus Whittington explained that the figures come from a comprehensive database run by partner organisation, Lucid Intelligence.

The Lucid database offers a unique snapshot into the activity of identity fraudsters by comprising a list of user data which is being bought and sold on the black market.

The firm states on its web site that it contains the details of over forty million people worldwide "who have had their personal information compromised by criminals in this way".

Whittington argued that on numerous occasions data which has ended up in the Lucid database can be traced exclusively back to a legitimate site, for example, it may have been entered by a user into a big name subscription news site.

"We're finding that in the small print they have the rights to sell on the data – it may not be sold on directly but it eventually gets to the criminals," said Whittington. "There are 4,111 sites worldwide where data entered on them has ended up in the public domain."

Whittington explained that the Lucid database highlights another new trend among identity fraudsters, brought about because many anti-fraud tools now used by banks are so sophisticated they are negating traditional methods of attack.

"A lot of the major criminals have moved to committing 'card not necessary' fraud," he argued. "This is when they collect the information gathered from keyloggers, phishing attacks and other means and then create new identities. The focus is on stealing complete identities and using them for gain."

Copyright ©v3.co.uk


Web sites in their thousands selling on customer data
 
 
 
Top Stories
Innovating in the sleepy super industry
There’s little incentive to be on the bleeding edge, so why is Andrew Todd fighting so hard?
 
How technology will unify Toll
The systems headache formed through 15 years of acquisitions.
 
Immigration breached Privacy Act with data leak
Pilgrim slams "copy and paste" of asylum seeker data.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Who do you trust most to protect your private data?







   |   View results
Your bank
  38%
 
Your insurance company
  3%
 
A technology company (Google, Facebook et al)
  7%
 
Your telco, ISP or utility
  8%
 
A retailer (Coles, Woolworths et al)
  2%
 
A Federal Government agency (ATO, Centrelink etc)
  20%
 
An Australian law enforcement agency (AFP, ASIO et al)
  15%
 
A State Government agency (Health dept, etc)
  5%
TOTAL VOTES: 844

Vote