Brits risking ID theft on social networking sites - survey

Brits risking ID theft on social networking sites - survey

Brits are putting themselves at risk of identity theft by posting sensitive personal information on social networking sites, according to a poll for Tesco Personal Finance.

The OnePoll survey of 2000 British social networking site users shows 65% are worried about identity theft.

Yet more than half (57%) are happy to publish their date of birth on their personal pages, 56% disclose the name of their home town and 31% their employment details.

Compounding the risk, 18% claim that they allow their information to be seen by "everyone" - meaning it is accessible to anyone who uses the site. Almost three in ten have accepted "friend requests" from people that they do not actually know - giving the "friend" access to potentially sensitive personal information.

Even more worryingly, three out of five respondents have never changed their password, despite the fact this is recommended by social networking sites.

Michael Lynch, security expert, CPP, says: "The information that people are displaying on social networking sites is the very information that financial services organisations often request to verify identity. In the wrong hands, the information could easily be abused."

Last year research by US IT security firm Sophos found that four out of 10 users of online social networking site Facebook would readily divulge personal data over the network that could expose them to the risk of identity fraud.

Sophos set up a fictional account on Facebook and sent out 200 "friend requests" to users to observe how many people would respond and how much personal information they would divulge.

The firm found that 87 of the 200 Facebook users contacted responded to its request, with 82 (41%) leaking personal information such as phone numbers, date of birth and e-mail addresses to a complete stranger.

Comments: (1)

A Finextra member
A Finextra member 02 December, 2008, 14:39Be the first to give this comment the thumbs up 0 likes

Two related points on this:

1) The passwords not changed regularly is worrying but no surprise.  We already know that consumers regularly use the same password across multiple sites because it is hard to remember multiple passwords.  There will be increasing attacks related to soft authentication methods.  Those people who are worried about their security, and the number is growing, should be offered optional stronger authentication even on social networking sites, at an additional cost to the consumer if neccessary.

2) The publishing of personal data is a major problem.  The idea that people are accepting invitations from strangers even more so as there is a false sense of security when you are only publishing to people you want to publish to as you are more likely to reveal more.  I have to say the solution which would most easily reduce but not eliminate this is education from the social networking sites.