The warning comes after US federal authorities this week uncovered a massive identity theft scam that is thought to have spanned nearly three years and involved more than 30,000 victims.
The scam has so far resulted in $2.7m (£1.7m) in losses, according to an FBI statement, which said three men have been charged.
Some victims reported having their bank accounts depleted, while others reporting having credit cards, cheques and debit cards sent to unauthorised locations. The stolen passwords and codes belonged to various organisations that requested credit reports for their customers, such as banks and credit services.
Peter Dorrington, head of fraud solutions at security specialist SAS, said UK-based IT managers need to address identity fraud, which is becoming increasingly prevalent on both sides of the Atlantic. "Most UK companies are woefully inadequate when it comes to protecting against identity fraud," he said. "They are over-reliant on security procedures and annual audits, which do not often take into account corrupt employees."
The FBI has charged Philip Cummings, who is alleged to have started the scam while working at the helpdesk of software firm Teledata Communications, with fraud and conspiracy.