Online Entries - Are You Safe?
It is your Birthday!
No it isn’t I hear you say. Well, yes it is. It’s YOUR birthday and similarly it’s YOUR address. Don’t enter these items into a form on-line without thinking twice.
Cautionary advice about entering personal information onto websites from Peter Drake. Anyone who enters Orienteering events on-line should read…..
Read below from the Independent of 12/1/08
Identity fraudster steals £10,000 from Barclays boss
By Cahal Milmo
When Marcus Agius was appointed as the £800,000-a-year chairman of Barclays Bank, he was lauded for his ability to pull off financial coups. It is unlikely that falling foul of a con-man who persuaded Britain’s third biggest bank to issue a credit card in his name and then stole £10,000 is the sort of spectacular deal Mr Agius had in mind.
The bank, which last year announced losses of £1.3bn from the sub-prime mortgage crisis in America, was forced to admit yesterday that the high-profile chairman had been scammed by a fraudster who succeeded in impersonating Mr Agius to a call centre employee to the extent that a Barlaycard was sent out for his use.
The con-man, who used personal information gleaned from the internet such as Mr Agius’s date of birth and his address to dupe staff into believing he was the executive, then took the card to a high street branch of Barclays and withdrew the £10,000.
…..Identity fraud is a growing problem which is estimated to cost the economy £1.7 bn a year.
I’m not particularly up-to-date with the current wording of the Data Protection Act but I was when it first came into force. Then the main tenant of the act was that it is illegal to hold on a computer, or the pass to a 3rd party, information that has been captured other than for the purpose for which it has been collected. I suspect that is still true. If you have registered your dibber or entered events using one of the more popular on-line entry systems you have probably, unnecessarily, provided someone with your bate of birth and address for (illegal) storage in a computer system.
There never was a valid reason for asking for DATE of birth. Address information was only required if you wished to have a printed set of results sent to you. Now that we are all members of BOF and can print out your results on our own computers there simply isn’t an excuse for asking either of these questions when we register our dibbers or enter an event. BOF has all our details quite legitimately, including our YEAR of birth and all we need to provide is our BOF number. (To enter an event we also need to provide the race we want to run and our dibber number if it’s been changed since we registered it.) We certainly shouldn’t enter personal information over an unsecured web site.
Now I hear you saying, “What if the event is cancelled? How do I get my money back if I haven’t supplied an address?” It’s simple. When you authorise payment you leave the club’s web pages and are passed to a secure web site that collects the fee on behalf of the host club. You have to provide an email address so you can be issued with a ‘receipt’. The club will also have an email sent to them telling them that the payment has gone into their account and it gives them your email address. When we cancelled the last Regional event at Houghton we simply emailed all the entrants and asked them how they wanted to receive their money back.
If you have provided this information when you registered your dibber or to participate in an event I recommend that you edit your details to give a date in your year of birth that isn’t your birthday and change your address, particularly the post code, so that it is inaccurate. After all, even if you trust the organisation that holds the data, you don’t want your identity stolen with the laptop from their car. Marcus Agius got his £10,000 back from Barclays, but he was their Chairman. They might not be so sympathetic to you if you freely gave away your personal information when it was not necessary.
Peter Drake 12/1/08
Posted by Peter Chapman on 16th Jan 08