By Jonathan Stempel
Consumers who shop and bank online believe criminals have no plans to
take any holidays this season.
A survey released this week by computer maker Sun Microsystems
Inc. shows that while three-quarters of adult holiday shoppers who use
computers plan to buy some gifts online, 67 percent fear that
criminals are lurking to steal their personal identification
data. Eighty-three percent say ID theft poses a bigger threat around
the year-end holidays.
Yet these same consumers expect companies to protect them. Eighty
percent say they would switch or consider switching banks if they
learned their personal data were stolen, lost or shared without their
consent. About 90 percent say retailers that compromised data could
lose their business.
"Consumers are trying to move past the fear," Sara Gates, Sun's vice
president of identity management, said in an interview. "Awareness
about online identities is higher than we thought. The onus is on
companies to increase confidence."
The survey was conducted after a year of high-profile incidents in
which data for at least 50 million Americans, including U.S. senators
and Air Force officers, were stolen, lost or improperly accessed. Ten
million Americans a year are ID theft victims, the Federal Trade
Commission estimates.
Around the holidays, criminals have millions of potential targets.
The Conference Board on Tuesday said 34 percent of all consumers will
buy gifts on the Internet, up from 33 percent last year, with books,
clothing, shoes, toys, movie videos and DVDs, and music CDs the top
stocking-stuffers.
Meanwhile, an ABC News survey released on Wednesday estimates 31
percent of Americans will shop online, with higher income and
better-educated consumers the most likely to do so.
JupiterResearch, a unit of Jupitermedia Corp., expects U.S. holiday
online sales to rise 18 percent this year to $26 billion.
WHO'S TO BLAME?
Criminals hunting for credit card numbers and passwords are developing
more sophisticated means of thievery. Regulators are trying to fight
back, ordering banks by late 2006 to tighten online access, often by
requiring two forms of identification.
For some, fighting back is overdue.
According to the Sun survey, just 30 percent of consumers say it is OK
for banks to use social security numbers as the main form of
identification.
One in three say they have been victims of ID theft, or know people
who have. On the other hand, 44 percent say most ID theft victims are
probably careless.
Some are. It is well-known that many criminals successfully "phish"
for victims by sending e-mails, often larded with grammar and spelling
mistakes, that encourage victims to dispense their personal data on
real-looking Web sites.
Translation: Consumers should not give out personal data when
contacted by strangers.
Protections on real Web sites vary. Citibank, Bank of America, Chase,
Wachovia and Wells Fargo, for example, post larger, more prominent
security notices on their home pages than Wal-Mart, Home Depot, eBay
and Amazon.com do.
Unfortunately, sophisticated criminals have graduated to keylogging,
where they monitor victims' Web use and keystrokes, and "pharming,"
where they silently redirect computer users to fake Web sites. This
activity can be tough to detect.
Many politicians have had enough. A handful of ID theft bills are
pending in Congress, though opponents say some would block many states
from enforcing even tougher laws.
The Sun survey was conducted by Harris Interactive, which polled 2,062
adults online between November 1 and 3. The ABC News survey was
conducted by TNS, which polled 1,003 adults by phone between November
16 and 20. The surveys' margin of error is plus or minus 3 percentage
points.
Copyright 2005 Reuters Limited.
NOTE: For more telecom/internet/networking/computer news from the
daily media, check out our feature 'Telecom Digest Extra' each day at
http://telecom-digest.org/td-extra/more-news.html . Hundreds of new
articles daily.