Criminals are buying and selling bank account details online for as little as £5, according to a new report.
Internet security expert Symantec says there is ‘maturing underground economy’ in stolen information.
It said credit card information was being sold for 20p and a full identity could be bought for as little as 50p.
Bank account details have become the most frequently advertised item sold in so-called ‘cyber-crime supermarkets’ making up 22% of all goods and selling for as little as around £5, the report noted.
Symantec says that phishing also continues to be a problem.
Phishing emails are fake emails which claim to be sent by a site such as eBay or PayPal or your bank.
But links embedded within the emails direct users to fake websites which look very similar to the real thing.
These sites will then ask for personal information such as a credit card number, username or account password in order to steal your identity.
Social networking sites
Symantec said there had been a 167% increase in phishing sites since the first half of 2007.
Symantec also found regularly visited websites – including social networking sites – are being targeted by criminals as a means of getting people’s data.
Our advice is that you should never reply to emails, or use links in emails, even if they look like they’re from your bank or another genuine website.
If you’re emailed or phoned by your bank, use its normal contact numbers to confirm whether the message is genuine.
It is a good idea to use a spam filter on your PC to block unsolicited emails- See our security software report for current Best Buys.
In another worrying development for bank customers, HSBC has admitted losing a disc from its Southampton office containing details of 370,000 customers.
The disc went missing about four weeks ago after being sent from this office to a reinsurer with an external courier.
It contained the names, dates of birth and insurance cover levels of people with life assurance at the bank, generally linked to a mortgage.
HSBC has informed the Financial Services Authority (FSA) about the breach and it is thought the group could be investigated and face a fine if the regulator finds that security was lax.