|
Internet
Security
Internet
control, email and network protection
Second hand computers still an ID fraudster’s dream
01 August 2007
 Navigant Consulting, Inc. has revealed that many second-hand computers available from on-line auction sites and second-hand computer shops may still contain enough information to enable fraudsters to steal identities along with bank account and signatory details, despite people going to considerable lengths to delete such confidential data prior to the sale.
To demonstrate the potential magnitude of the risk Navigant Consulting purchased three second-hand computers last week, and was able to determine that one of the computers still contained sensitive personal information on the hard drive.
Andrew Durant, head of Navigant Consulting’s fraud investigation team, said: “The seller would have believed all personal information been deleted when the hard-drive was reformatted and a new operating system was installed, but that is simply not good enough. Many individuals, companies and other organisations still do not understand the precautions they need to take when selling their used PCs in order to protect personal information.”
“Given all the recent publicity about ID fraud I was shocked to find this level of personal and corporate information on a second-hand computer. If it got into the hands of a fraudster it would be Christmas, Easter and his birthday all at once.”
Based on an analysis of the computers, Navigant fraud investigators discovered information from a community college on the second-hand computer, including:
• Student names, addresses and photos;
• Staff budgets and payroll schedules including names and salary details;
• Bank account standing data payments and receipts;
• A letter to the bank including full bank account details and signed by the authorized account signatory;
• Students’ lone parent and benefit applications.
“This level of information potentially put students, staff, suppliers and the college as a whole at risk from fraud,” explains Durant.
“The message is simple: if you can’t securely delete your data, don’t sell your computer. It is possible to download software from the internet to securely wipe data from your PC, or better still, take it to a reputable reseller and ask them to do it for you.”
Andrew Durant added: “If selling a computer, it is far better to destroy the hard-drive and replace it with a new one, which can be bought for as little as £20. If the cost of a new hard-drive is more than the price you hope to get from selling your computer, then don’t sell it because of the risks.
“Even disposing of used hard-drives at the approved local council site isn’t completely safe as hard-drives have resurfaced in such places as Lagos, Nigeria, with the data recovered from them used in frauds.”
Navigant Consulting securely and completely deleted all the information recovered from the laptop computer and informed the community college of the security breach.
Other Internet Security News
|
Security White Papers
|
| | | |  Webroot announces channel expansion in Ireland
Webroot has announced its plans to recruit an additional ten strategic channel partners in Ireland, to expand the availability of Webroot Web Security Service, Webroot Email Security Service and Webroot Email Archiving Service. | |
|
 Understanding the value of outsourcing network security services
This white paper will examine the many new challenges that are facing today’s network owners, the pros and cons of using in-house resources and outsourcing for your network assessment and day-to-day monitoring, as well as guidelines to help select and maximize the value of outside resources. | | |  The Trend of Threats Today: 2005 Annual Roundup and 2006 Forecast
Trend Micro
The report that follows is not only an account and analysis of 2005 threat
incidents. It also serves as a forecast of what the future holds in 2006 and
onwards. Through Trend Micro‘s extensive research and analysis of the 2005
incidents, this paper documents how threats evolved into the multi-purpose
threat regime – thus providing corporate and home users information on what
to do to ensure they remain protected against future threats. Download free white paper.
| If you can't beat it, manage it
David Caughtry of Computerlinks looks at the challenges facing IT managers with the growing use of Instant Messaging in the workplace. | |
|
|
|
|
|
Related Articles
|
- TJ Maxx retail giant admits hackers stole 45 million credit card details
Largest credit card heist in history steals information from shoppers
- Phishing, phaxing, vishing and other identity threats
Fraudsters don't just want your bank account information. With an increasing risk from phishing, vishing and phaxing tricks, could you recognize a spoofed website, designed to commit identity theft, damage a company's reputation or incur legal liability?
- Survey shows uncontrolled network access causing CTOs sleepless nights
A survey of more than 200 CTOs has revealed that internal security – protection within the Local Area Network (LAN) – is currently UK organisations’ Achilles heel, leaving them open to dangers such as loss or theft of sensitive information, fraud and litigation.
- MCAFEE INC. EXPOSES THE PSYCHOLOGICAL WARFARE USED BY CYBERCRIMINALS
New research reveals the mind games used by cyber fraudsters to exploit human nature to gain money and personal information
- BBC laptop theft – ‘Previous incidents should have served as a warning’
The BBC has confirmed that a laptop and several memory sticks containing names, addresses, phone numbers and holiday details has been stolen from a staff vehicle
- Nurse loses $400,000 to Nigerian email scammers
If you’ve got an email account then chances are that you’ve received one of these too
|
|
|
|
Sourcefire launches Razorback, delivering a framework for multi-vendor threat detection and protection 
Trusteer warns financial malware is attacking leading US banks using Visa and MasterCard 
Barracuda spam & virus firewall offers broader outbound email content filtering capabilities 
Over half of IT professionals are still leaving mobile security to chance
What every CEO should know about advanced persistent threats and industrialised hacking
GFI warns one anti-virus engine is not enough to protect your business
Are you becoming a one-stop security shop?
