An undercover investigation by the Sunday Times has revealed that corrupt call centre workers are selling the personal details of unsuspecting Brits for as little as 2p. Personal and financial data is being touted to everyone from legitimate marketing firms to criminal gangs.
So what's going on?
The stingInvestigative reporters from the newspaper met with who men, who claimed to be IT workers at a number of call centres, and said that they could get their hands on a huge amount of personal and financial data belonging to half a million British victims.
Among the information at their fingertips were everything from names and addresses to credit card numbers, expiry dates and even the three digit codes from the signature strip. One 'consultant' showed the reporters a laptop of data that was on offer. He also claimed that the stolen details were less than 72 hours old, which means that the victims were highly unlikely to know of any breach of security, and they were ideal targets for fraud.
The operation also found corrupt individuals willing to sell on details about the mortgages and loans held by individuals, and certain contracts. These could be sold to legitimate companies to target them with marketing, or be used to win the confidence of victims in order to extract further sensitive details from them in order to exploit their weaknesses.
What can you do?The truly damaging thing about this investigation is that in many cases there is really nothing we can do to protect ourselves. This data has been procured in such a way that no personal protections could keep your data safe. Likewise, they could be used to make direct transactions - so the victim would be completely unaware of an attempt to steal their cash.
The only protection we have is to keep an eye on our accounts. Now that online banking is so prevalent we shouldn't be waiting for a monthly statement - by which time it could all be too late. Instead we need to make an effort to check our account regularly, and if there's anything we don't recognise, we shouldn't be afraid to bring it up with the bank immediately.
In an era where your data is so easy for others to get hold of, your only protection is to be quick to catch it, so as little harm is done as possible.