Hook, line and stinkers

ID theft, phishing scams and the public are causing big problems for firms

I have in my hand a piece of paper. It is slightly grubby, curled up on the corners like a pig's ear, and very worn out, but unlike Mr Chamberlain's equivalent, it is an incredibly important little document.

It is a supermarket receipt for about £2.50. That might sound pretty innocuous - after all, at first glance the only obvious information on it is that I prefer my bagels covered in poppy seeds, my Sunday papers with words longer than one syllable, and I don't carry much small change - but it's not. And how I treat this little document is very important.

I could curl it up into a ball, hurl it at the next person to cross my path and then point at whoever is standing near me to deflect the blame, but that's just a short-term gain for me. It would make far more sense for me to shred or burn it, because otherwise someone might crawl over a rubbish tip for it, take the key personal and financial information it contains and then use it to fund some monkey-slave ring, or extravagant mink-coat habit.

Identity theft, enabled by a lackadaisical approach to filing and a loose relationship with paper-shredding machines, is big business these days. In fact incidents of stolen identities have rocketed over the past few years, going from shoulder-shrugging insignificance in 1999 to a 10 on the "Holy Moly" scale this year.

Last week, Saga, the over-50s one-stop-shop for pensions, holidays and financial services, reported that eight out of 10 people it had surveyed were worried about being the victim of such crimes. Meanwhile credit card hawker Capital One started advertising the fact that it offers a consulting service for customers who fall victim to identity theft.

Although some crooks get their hands on personal information by going through bins, technology is the great enabler of ID theft, and may put your firm's reputation and customer information at risk. It could be that Barry in data processing has graduated from riding a pushbike to driving a Bentley not because his grandmother is the wrong side of sickly, as he claimed, but because his fingers are sticky.

So, secure and accountable systems are a must. But even with these in place, consumers still face a danger - their own gullibility. When I check my bank account online I am told that the bank will never send me emails in which it requests my personal information. Meanwhile, eBay offers its users emails only within the confines of its site. Despite this, consumers fall victim to the kind of blunt frauds that most of us delete from our in-boxes without a second thought.

Many firms are taking action to limit this risk. AOL promises a Netscape browser with anti-phishing capabilities; Microsoft says that Windows XP users with Service Pack 2 will have anti-phishing tools. In the meantime, incidents of identity theft are increasing.

It is too early to say what affect the new initiatives will have - whether phishing will disappear, remain a significant online threat, or become a petty but persistent nuisance. What is certain is that many types of business are desperate for a solution.