Personal identities for sale online for 40pOnline forums the marketplace for identity thieves

14 April 2009

Keep your PC safe with our essential security tips

Identity thieves can buy the personal details of a UK citizen for ‘less than a can of cola’, according to a new security report out today.

These details are advertised for sale on underground internet criminal forums, which serve as a one-stop shop for high-tech identity fraudsters.

The wealth of stolen personal information available has meant that a price war has developed with the cost of UK credit card falling as low as 40p, according to the annual Symantec Internet Security Threat Report. Bank account details sold for as much as £675, while full identities could be bought for between 50p and £40. In the hands of identity thieves, this information is potentially worth thousands.

Underground economy

Guy Bunker of Symantec said: ‘This recession-proof underground economy is reaching such a level of growth and maturity that there are signs of a price war developing, as online criminals find it increasingly easy to steal private details, and barter to sell them for bargain prices.’

Identity thieves are able to gather lucrative personal details with the help of computer viruses or malicious code, which have grown at a record pace.

Most computer infections are picked up just by surfing the web and visiting legitimate websites that have been compromised by hackers. Around 90% of these computer threats, detected by the Symantec researchers, attempt to steal personal information that is then sold to sophisticated identity thieves.

For details of how you can protect your PC from these threats, see our Best Buy security software guide.

The report says: ‘The compromise of a single website can cause attacks to be launched against every visitor to that site.’

Web browser vulnerabilities

These attacks target vulnerabilities in the users’ web browsers with many attacks happening with very little interaction apart from the user visiting the site that the attack originates from.

Investigators said the UK suffered the second highest level of malicious online activity in Europe, the Middle East and Africa (EMEA), with 11% of the region's total. Germany topped the league with 14%.

Symantec said it had also seen a 192% increase in spam across the internet as a whole, to 349.6 billion messages in 2008.

Sign up to the weekly Which? tech email

Sign up to the Which? technology email

Keep your finger on the pulse of digital technology with the weekly email from the Which? Technology team

Every Tuesday we'll send you the latest news and reviews of MP3 players, mobile phones, cameras, high-definition TVs and other gadgets. 

Packed with the latest product launches, First Look reviews, expert advice and some incredible deals - can you afford not to be the first to find out?

Plus there are regular prize draws - we've already given away a 32GB iPod Touch and a Sony PS3.