Second-hand computers are a treasure trove for ID fraud
Second-hand computers are providing a potential treasure trove for criminals committing identity fraud, according to new research carried out by the University of Leicester.
Second-hand computers are providing a potential treasure trove for criminals committing identity fraud, according to new research carried out by the University of Leicester.
The new study into identity theft found that half of the second-hand PCs bought by the research team had not been securely cleaned of data, and that commercially available software could easily be used to retrieve information by an identity thief.
Data retrieved included full name and details (sort code and account numbers) for eight separate accounts with a major high street bank; an e-mail from a travel firm confirming details of a new online account, including password; correspondence with a bank noting change of email address; and details of a CV outlining qualifications and where the person studied.
The study Second-Hand Computers and Identity Fraud was led by Professor Martin Gill, and focused on the second-hand PC market which now accounts for one in 12 of the computers in use worldwide.
Professor Gill said: The fact that we found so much personal information through a focused study indicates that the potential for fraud and identity theft from the second-hand PC market is huge.
More and more of us use PCs to conduct our personal business. We must all be careful not to overlook the virtual information trail that we leave behind us.
Simply re-formatting a hard drive is not enough to make data irretrievable. Anyone disposing of a personal computer must ensure that all data is securely deleted using specialist software to wipe over every sector of the hard drive.
In one instance a computer which provided plenty of personal information was bought via an internet auction; the seller not only said that the computer had been re-formatted, but he also noted that 20 more of his clients old computers were shortly going to be made available for auction.
Professor Gill said that internet auction sites represent a good opportunity for identity fraudsters to obtain previously used computers; based on the results of a search conducted across one popular auction website on January 24, 2006, as many as 13,000 second-hand or refurbished laptops and PCs are up for auction at any given time.
However, its not just those that sell their unwanted computers that are under threat. The reports sponsor, Capital One, has warned that disposing of a PC is just as dangerous, as discarded computers and hard drives can be picked up for free, or for a small charge, at local refuse centres.
Justin Basini of Capital One, added: To date most of the advice surrounding protecting oneself against fraud and identity theft has centred around looking after personal, paper-based documentation. But that wont account for the digital fingerprints that we leave behind on our PCs.
We hope that our study will alert people to the dangers and encourage them to thoroughly cleanse computers before letting them out of their possession.
According to research published by CIFAS, there were approximately 60,000 victims of identity theft in 2005 (a 14 per cent increase over 2004), and APACS reports that seven per cent of all plastic fraud is related to identify fraud, costing approximately £37 million last year alone.
The report outlines basic advice for wiping data from PCs, including:
Remember that the delete function does not securely wipe/erase the data much of it will be retrievable.
Reformatting the hard drive does not wipe/erase the data.
Always wipe the whole hard drive using a specialist software application before disposing of the computer.