Risk
2/23/2012
03:02 AM
Tim Wilson
Tim Wilson
Quick Hits
50%
50%

Study: Users Of Social Networks, Smartphones More Likely To Be Fraud Victims

Keeping identity safe means learning how to safely use emerging consumer technologies, Javelin says

If you're a heavy user of social networks or smartphones, you're significantly more likely to be the victim of identity fraud, according to a study published Wednesday.

"Consumers who actively engage with social media and utilize a smartphone were found to have a disproportionate rate of identity fraud compared with consumers who do not engage in these media," says Javelin Strategy & Research in its 2012 identity fraud study, The 2012 Identity Fraud Report: Social Media And Mobile Forming The New Fraud Frontier.

The frequency of identity fraud increased by 13 percent in 2011, according to the study -- more than 11.6 million adults fell victim in the United States alone, according to the study. The average dollar amount stolen was about the same as the previous year.

Consumers whose personal information has been compromised by corporate data breaches were the most likely victims, Javelin says. Consumers who have received notification of a data breach affecting their personal data are 9.5 times more likely to experience identity fraud than those who don't receive such a notification.

For the first time in its annual study, Javelin also tracked users' online behavior to see its impact on identity fraud. "LinkedIn, Google+, Twitter and Facebook users had the highest incidence of fraud, although there is no proof of direct causation," the study says. The survey also found that despite warnings that social networks are a great resource for fraudsters, consumers are still sharing a significant amount of personal information that might be used to authenticate their identities.

"Consumers need to be smarter in what they're doing on social networks," says Steven Schwartz, executive vice president of consumer services at Intersections Inc., an identity protection service and co-sponsor of the study. "Interestingly, LinkedIn had the highest incidence of fraud, probably because people think of it less as a social environment and more as a way to do business networking. They're more likely to accept a relationship with someone they don't know."

The survey also found that 7 percent of smartphone owners were victims of identity fraud -- a 33 percent higher incidence rate compared to the general public.

"Part of this increase may be attributable to consumer behavior," the study says. "Thirty-two percent of smartphone owners do not update to a new operating system when it becomes available; 62 percent do not use a password on their home screen, enabling anyone to access their information if the phone is lost; and 32 percent save login information on their device."

"Consumers who turn on the GPS locator in their smartphones have double the risk of identity fraud," says Javelin's James Van Dyke, principal author of the report. "When you use a lot of new apps on your phone, and when you accept friends who you don't know on social networks, you're more likely to be a victim."

Have a comment on this story? Please click "Comment" below. If you'd like to contact Dark Reading's editors directly, send us a message. Tim Wilson is Editor in Chief and co-founder of Dark Reading.com, UBM Tech's online community for information security professionals. He is responsible for managing the site, assigning and editing content, and writing breaking news stories. Wilson has been recognized as one ... View Full Bio

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading December Tech Digest
Experts weigh in on the pros and cons of end-user security training.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-1421
Published: 2014-11-25
mountall 1.54, as used in Ubuntu 14.10, does not properly handle the umask when using the mount utility, which allows local users to bypass intended access restrictions via unspecified vectors.

CVE-2014-3605
Published: 2014-11-25
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-6407. Reason: This candidate is a reservation duplicate of CVE-2014-6407. Notes: All CVE users should reference CVE-2014-6407 instead of this candidate. All references and descriptions in this candidate have been removed to pre...

CVE-2014-7839
Published: 2014-11-25
DocumentProvider in RESTEasy 2.3.7 and 3.0.9 does not configure the (1) external-general-entities or (2) external-parameter-entities features, which allows remote attackers to conduct XML external entity (XXE) attacks via unspecified vectors.

CVE-2014-8001
Published: 2014-11-25
Buffer overflow in decode.cpp in Cisco OpenH264 1.2.0 and earlier allows remote attackers to execute arbitrary code via an encoded media file.

CVE-2014-8002
Published: 2014-11-25
Use-after-free vulnerability in decode_slice.cpp in Cisco OpenH264 1.2.0 and earlier allows remote attackers to execute arbitrary code via an encoded media file.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Now that the holiday season is about to begin both online and in stores, will this be yet another season of nonstop gifting to cybercriminals?