Identity Fraud - Manchester Evening News - 5.1.04

Manchester Evening News – Monday, 5 January 2004

A bank worker clearly thought that simply tearing the pile of A4 paper in two would be an adequate security measure. He or she was wrong. I was able to piece the simple jigsaw puzzle back together within seconds- and read the names, addresses and private business dealings of dozens of unwitting customers.

The information, bundled with other rubbish in a see through, white plastic bin bag, was discarded at the side of a well-known bank in the financial district of Manchester city centre.

And it was just one worrying example of the security lapses an MEN survey uncovered in the plastic bags, skips and bins which line the city’s back streets.

In another pile of rubbish off busy Market Street, I found a sales receipt bearing the bankcard details for one individual – all that would be needed for a fraudster to make a telephone or internet purchase.

Other sensitive personal and business information included copies of a fax outlining the estimated costs of a transaction- complete with the names and telephone numbers of both parties.

There were numerous bags containing information, which would be very useful to a competitor, including the names and addresses of business contacts.

One expert believes the cost of such scant regard for security could be catastrophic to individuals and small businesses. “ It’s a big problem,” says Peter Ferguson a former policeman, who runs Corporate Fraud Solutions in Preston. “Companies have a duty to protect the information available to them about their clients and customers. “Smaller limited companies are just as likely as individuals to be victims of identity theft. Information of this type gives criminals the opportunity to create new identities for themselves. Then they are free to do what they wish with it.”

Key information useful to criminals includes dates of birth and current and previous addresses – the kind of details used to help establish identity in applications for credit products, bank accounts, insurance and utilities. Only this weekend, it was reported that homeless people in London were being recruited by Fraudsters to rifle through bin-bags to find credit information for which they were paid.

According to the Credit Industry Fraud Avoidance System, which counts mail order and retail-credit firms among its members, there were 74,000 reported cases of identity fraud last year, compared with 53,000 in 2001. For the victims of identity theft, it can be very serious indeed, often affecting their credit rating and their ability to obtain finance, insurance or even a mortgage.

However, identity theft is not yet a crime, meaning that cases of identity fraud are hidden within the statistics for crimes of deception or theft.

Big business also has a lot to lose. Research by accountants KPMG found 55 per cent of companies have experienced some kind of fraud, with the crime costing blue-chip companies between two and five per cent of turnover every year.

But ultimately, fraud affects everyone. Analysts estimate that the hidden annual cost is £650 per person in higher prices of goods and services. Mr Ferguson, who offers training in fraud avoidance, adds:” Some individuals are completely and utterly unaware of identity theft.

“They believe that their bank statement will eventually be grinded to mulch by a council workman after it has been placed in the bin. The reality is that the amount of information available to people in a dustbin is unbelievable.

Some of it may be personal information relating to medical matters. Some of it may be financial information. When it comes to information discarded by businesses, there are even stronger reasons for them to take care, as it could be regarded as breach of the Data protection Act.”

“A bank would no doubt refuse to give you the address of a customer, and here they are discarding a list of names and addresses in a bin bag at the side of the road.”

However, there are signs that some businesses are beginning to get the message. Many restaurants now leave credit card details of the receipts.

And Gordon McKinnon, chief executive of the Manchester City Centre Management Company, claims that retailers are waking up to the reality of fraudulent activity.

“Fraud in the city centre in November was 9.1 per cent down on the same period on the previous year,” he says.

“More than 200 representatives of businesses in the city centre have now attended courses outlining how best to avoid fraud. We are absolutely serious about it and think that the people who have not attended such a course should sign up as well.”

Advice for businesses

All sensitive information should be disposed of by businesses in a secure and effective manner, says Corporate Fraud Solutions’ Peter Ferguson. He points out that this is a legal requirement under the Data Protection Act.

He adds: ”Any company which operates within the requirements of the Data Protection Act should appoint a data protection registrar responsible for ensuring that breaches do not take place.

“It doesn’t matter how rubbish is disposed of, so long as it is done in a secure way. That could involve the use of a shredder, or a secure disposal company.”