BANKS have warned they may stop reimbursing identity fraud victims who post personal information on websites such as MySpace and Facebook. It follows growing concerns that fraudsters are targeting social-networking sites for information to help them steal identities.

Card ID theft occurs when a criminal uses a fraudulently obtained card or card details, along with stolen personal information, to open or take over a credit card in someone else’s name.

While banks will normally reimburse any debts racked up in an ID fraud victim’s name, they are becoming increasingly reluctant to cover those who have been “negligent” with their personal details – by posting them on the web, for example.

Most social-network sites have options to block general traffic, so only invited friends can see details. However, about 30% of users do not use the protection options, Equifax, a credit-ratings agency, said.

Last week, the government-backed Get Safe Online (GSO), launched a campaign to high-light the dangers of divulging information on the internet.

One in four of the 10.8m users on sites such as Facebook, MySpace and Friends Reunited in Britain expose information such as contact details, dates of birth and home addresses on their online profiles, it said. Some even post telephone numbers.

Some 87% post their full name and 38% their date of birth, 27% place their education history online and 26% do the same with their work history.

It also found that 65% of users make their e-mail address public, making them a prime target for phishing, where bogus e-mails are sent by fraudsters seeking personal information.

Tony Neate, managing director of GSO, said: “Your date of birth and where you live is enough for someone to start setting up a credit card in your name.”

To open an account, fraudsters need a victim’s name, address, employment details, phone number, date of birth and mother’s maiden name.

Though banks say they run a series of detailed checks to verify a customer’s identity, all of this information could be obtained from a social-networking site.

While banks often ask for documentary proof of identity, once you have a name, date of birth, address, employment and education history, fraudsters could get copies of that individual’s birth certificate and driving licence, and possibly even a passport.

The fraudster could ask for these documents to be sent to another address claiming the victim had moved. They could also try to intercept documents, especially if they are sent to a communal address.

Neil Munroe of Equifax said it may be possible to trick a bank into gaining access to someone else’s account by saying you have forgotten your phone banking security code.

In these circumstances, a bank often asks a security question, but HSBC, which sponsors the GSO campaign, says many of the questions used by financial services are similar to those asked on social-networking sites, such as mother’s maiden name, pet’s name and your first album.

Before social-network sites, fraudsters had to piece together information from documents in bins, personal papers stolen from houses or information from stolen wallets and handbags, said Munroe. “With Facebook and MySpace, the fraudster’s job is much easier and safer.”

Latest figures from Apacs, the UK payments authority, show credit-card ID theft to have increased by 24% since last year. It accounted for £18.7m of losses in the first half of this year.

WHAT NOT TO REVEAL

Your full address

Your exact date of birth – post your age instead

Your phone number

Your mother’s maiden name

Details of where you work – your occupation is okay

Details of your first school and university

Where you are going on holiday

Your e-mail address – on an open forum