Online job seekers are happily sending out personal information such as date of birth and passport number when applying for jobs, which could be intercepted by cybercriminals, a controlled experiment supported by the Metropolitan Police and the Information Assurance Advisory Council (IAAC) has shown.
CV template service iProfile placed an advert in a national newspaper for an Office Manager and requested potential candidates to apply online at a hoax website. A quick surf around the website established it was obviously fake. However, the company still received 107 applications, all of which contained personal data such as passport number or date of birth.
The experiment saw 61 job hunters provide enough information on their CV for cyber criminals to successfully apply for a credit card. Typically, criminals need just three out of fifteen key pieces of information to commit identity fraud, whilst in this survey the average CV received contained eight pieces of information.
Neil Fisher, Vice President, IAAC, felt that this is a common problem: “Many people are happy to send their CVs ‘blind’ without thinking about the consequences if their information fell into the wrong hands”.