Cybercriminals are using an online black market to trade credit card details for as little as 4p, making it even easier for them to steal your identity and money, according to new research from anti-virus supplier Symantec.
Online black market transactions can also involve criminals trading email address and accounts from only 5p, with a full identity going for about £45. Figures show that cybercrime is now a booming industry with an identity stolen every three seconds online, while one is committed every 37 seconds on the streets of London.
"The majority of us use the internet, but there is a very real and growing criminal underworld we are often not aware of. We need to do more to protect ourselves from these online perils, especially as national police forces find it dauntingly hard to stop cybercriminals from operating from other countries," says Professor Lillian Edwards, internet law specialist at Sheffield University.
Some scams are fairly low tech. Phishing scams, in which criminals email consumers masquerading as a bank or credit card company, are commonplace.
"These usually ask for confirmation of account information and can seem very legitimate, perhaps featuring your bank's logo," says Orla Cox, a security expert at Symantec.
However, there are ways to spot them. Giveaways can be spelling and grammatical errors. Many are sent in bulk so may not be addressed to you personally and will often ask for you to click on a link to validate your security details.
Divulging information on social networking sites such as Facebook is also risky. Applications may be sent round, seemingly just a bit of fun, determining which TV show character you're most like, for example. However, these will often require information such as your maiden name or pet's name, which are typical security questions used to access accounts. "Social networking interaction provides fraudsters with new opportunities to deceive people," says David Wall, professor of criminal justice at the University of Leeds.
Phishing has even morphed into what has been called SMSing (ID theft using SMS texts) then into vishing (ID theft using voice over internet protocol). Professor Wall also highlights a new "man in the middle" phishing, where the victim's browser becomes infected by a small download of malicious software. When the victim logs on to do internet banking the transaction seems normal, but all of the information is sent back to the phisher's mothership computer.
"The crime window is now much shorter than it was and criminals are becoming very innovative, constantly seeking novel new ways to defraud people," says Professor Wall.
It can take months even to realise that your identity has been stolen, but despite the frightening potential for fraud and theft, there are simple steps you can take to protect yourself.
Firstly, protect your computer. Install the latest software versions of anti-virus, anti-spyware and firewall. A firewall acts as a barrier between your computer and the internet to block unauthorised access and viruses. If you sell an old computer, wipe any personal details.
If you do receive an email, ensure that you know exactly whom you're dealing with, particularly if it asks for private information. Never access your account in an internet café or library because there is little guarantee the computer is secure. Also, don't use the same password for several online accounts and choose a combination of letters and numbers to make it difficult to guess. Keep a careful eye on your credit report through one of the three credit reference agencies, Experian, Callcredit and Equifax.