IT managers have been warned that most UK businesses are poorly
protected against identity fraud.
The warning comes after US federal authorities this week uncovered
a massive identity theft scam that is thought to have spanned
nearly three years and involved more than 30,000 victims.
The scam has so far resulted in $2.7m (£1.7m) in losses, according
to an FBI statement, which said three men have been charged.
Some victims reported having their bank accounts depleted, while
others reporting having credit cards, cheques and debit cards sent
to unauthorised locations. The stolen passwords and codes belonged
to various organisations that requested credit reports for their
customers, such as banks and credit services.
Peter Dorrington, head of fraud solutions at security specialist
SAS, said UK-based IT managers need to address identity fraud,
which is becoming increasingly prevalent on both sides of the
Atlantic. "Most UK companies are woefully inadequate when it comes
to protecting against identity fraud," he said. "They are
over-reliant on security procedures and annual audits, which do not
often take into account corrupt employees."
The FBI has charged Philip Cummings, who is alleged to have started
the scam while working at the helpdesk of software firm Teledata
Communications, with fraud and conspiracy.