Keyloggers tap into ID theft trend, report finds

16 Jan 2007

A new report on worldwide trends in identity theft has found the number of programs used to steal passwords and confidential data from PC users increased by 250pc in just over two years.

The paper, from McAfee Avert Labs, saw massive growth in the number of keyloggers, which are malicious software programs that track typing activity to capture passwords and other private information. The 250pc rise was recorded between January 2004 and May 2006.

According to data from the Anti-Phishing Working Group, the number of phishing alerts multiplied 100-fold over the same period of time. These are emails which purport to come from a legitimate bank or financial institution asking users to reveal their login codes or passwords. In reality, these messages are elaborate fakes which send people to sites designed to look like the real bank’s page but which instead captures their information.

The study also cited research showing a high cost to economies of this kind of crime. The Federal Trade Commission put the annual cost for consumers and businesses in the US at US$50bn per year. The UK Home Office has calculated the cost of identity theft to the British economy at US$3.2bn during the past three years

The document also offered practical guidelines for preventing identity theft and minimising the risks of being victimised. It urges PC users to be on their guard for possible phishing scams and recommends that people avoid clicking on links in emails to visit websites but instead manually type a company’s correct web address into the browser.

Users are also advised to install comprehensive security software or services on their PCs and to keep these programs up to date. Strong passwords are also encouraged and it’s suggested that people show caution when visiting secure websites or using programs like instant messaging.

“Identity theft is a global phenomenon that threatens all of us, which means we all need to become more aware, more vigilant and less trusting to protect ourselves,” said Jeff Green, senior vice-president of McAfee Avert Labs. “By learning where we are vulnerable, and how and why criminals engage in identity theft, we can then take the necessary precautions to avoid being victimised.”

By Gordon Smith