It's so easy to collect this information from people, for example those nice
direct debit blaggers that hang around the streets and work for a different
charity each day. We all assume they work for a recognised charity and not
for themselves. Well on the street you give them your bank details and home
address, your date of birth and I have been told they also ask for you
credit card details just in case the bank refuses the direct debit.
Richard Talbot
Data Protection Adviser
-----Original Message-----
From: This list is for those interested in Data Protection issues
[mailto:[log in to unmask]] On Behalf Of Tim Trent
Sent: 04 March 2005 08:10
To: [log in to unmask]
Subject: [data-protection] Identity Theft - Nightmare scenario
Now I know Identity Theft is fats becoming a media buzzword. I saw the
survey that says that one in four of us "Has had their identity stolen" or
"Knows someone who has had theirs stolen". I laughed at the second element
because I thought it was like the people who know someone who knew the
person who microwaved her poodle to dry it after a walk. I think I have
joined that one in four. A few things conspired to make me think it may
well be much more serious that the TV programmes have shown us
TV last night showed a programme on traffic wardens and their "secure"
disposal of credit card details in a wheelie bin that often overflowed. The
news item about "one in four of us" germinated and sprouted. And I was
contacted by someone who had been arrested because his credit card details
appeared in 2003 on a Danish web site that touted illegal and deeply
unpleasant imagery and was scared witless because he had never been there,
but had, not unreasonably, had his home entered and a great deal of
potential evidence seized for examination. I am not going into the morals
here. He is either guilty or innocent.
But it struck me forcibly how easy it is for someone to do this to someone
else. To anyone else. For me to do to you or you to do to me.
To do it to you I just have to visit that wheelie bin and get your card
number and name (and I have your address because it's there, on the
paperwork), the expiry date and that three digit number that I am told is
intended for web transactions but that every phone based business records as
well. Then I look for the material I want, probably by cruising in a car
with a laptop until I find an insecure wireless network to log in through,
which will make the IP address a random person's. It could even be yours at
home. Then I put your credit card details into "averynastyplaceindeed.com"
(it didn't exist this morning, but I bet someone registers it by this
afternoon) and download the stuff that the police will later arrest you for.
It may never appear on your credit card statement, either. There may
actually be no charge (yeah, right!). But, if it does, it will slip under
your radar because the sum will be named something innocuous.
A reasonable question here, and I expect we have a financial institution or
so on this list to help answer it, is how can the ordinary person know that
this has happened (until the 6am knock on the door, of course. I understand
one notices that in a highly stressful manner), how can they protect
themselves from it, and most importantly, how can they defend themselves
against it?
Tim Trent - Consultant
Direct: +44(0)1344 392644 Mobile:+44(0)7710 126618
email: [log in to unmask]
<blocked::mailto:[log in to unmask]>
Marketing Improvement Limited, Abbey House, Grenville Place, Bracknell,
United Kingdom, RG12 1BP <blocked::http://www.marketingimprovement.com/>
http://www.marketingimprovement.com
This message is for the intended addressee's use only. It may contain
confidential, proprietary or legally privileged information. No
confidentiality or privilege is waived or lost by any mis-transmission. If
you receive this message in error, please immediately delete it and all
copies of it from your system, destroy any hard copies of it and notify the
sender. You must not, directly or indirectly, use, disclose, distribute,
print, or copy any part of this message if you are not the intended
recipient. Any views expressed in this message are those of the individual
sender, except where the message states otherwise and the sender is
authorised to state them to be the views of any such entity.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving message please send to the list owner
[log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
The Information contained in this E-Mail and any subsequent correspondence
is private and is intended solely for the intended recipient(s).
For those other than the recipient any disclosure, copying, distribution,
or any action taken or omitted to be taken in reliance on such information
is prohibited and may be unlawful.
Emails and other electronic communication with QinetiQ may be monitored.
Calls to QinetiQ may be recorded for quality control,
regulatory and monitoring purposes.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving message please send to the list owner
[log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
