Extent of Online Hacker Tutorials Revealed

YORK, England, May 26, 2011 -

People can learn how to hack into someone's account in less than 15
minutes findings from a live investigation revealed.

In a controlled 'classroom' experiment conducted by life assistance
company CPPGroup Plc (CPP), a small group of volunteers with limited
technological knowledge, who signed a disclaimer saying they would not use
the information for illegal or malicious attacks, followed a online tutorial
using a 'man in the middle' technique to hack into a computer network and
obtain each other's login details.

CPP's volunteers - including a TV producer, a self-employed baker and a
retiree - simply followed a 14-minute classroom-style tutorial which is
freely available online. From this they were able to download hacking
software which allowed them to access login details and passwords for e-mail
accounts, social networking sites and online shopping accounts within a
matter of minutes.

And supporting research reveals what could happen as a result - over
seven million people have had online password-protected information accessed
without their permission. Of these, nearly a quarter (24 per cent) claim to
have had their personal e-mails accessed as a result, with 19 per cent saying
their eBay accounts have been hacked. In an age of social media, 16 per
cent[i] say their social networking profiles have been hijacked and 10 per
cent claim to have had money or a loan taken out in their name.

The opportunity for hackers to target users in this way also has the
potential to grow due to the dramatic increase in the number of public Wi-Fi
networks and smartphones with inbuilt Wi-Fi connectivity in recent years.

With over 20,000 videos on YouTube with basic hacking information tips
teaching users how to hack social media profiles, e-mail, smartphones and
PayPal accounts, it seems the internet's capacity to host this type of
material remains unchallenged.

These online hacking tutorials are widely known about with almost a fifth
(17 per cent) of people aware of their existence. But the vast majority (87
per cent) agree that this kind of material should not be available online.
The majority (63 per cent) think 'hacking' tutorials should be removed from
the internet; with over half (56 per cent) saying the Government should take
action to remove 'hacking' tutorials from the internet. A similar number (59
per cent) feel these videos and step-by-step guides increase the risk of
identity fraud.

CPP is urging people to take steps to protect themselves from online
hackers where possible, and urging the Government to take a stronger stance
on internet hacking tutorials.

Identity fraud expert from CPP (www.cpp.co.uk/), Michael Lynch
said: "The recent Sony security breach that saw a hacker gain access to the
personal data of more than 100 million online gamers including people in the
UK has demonstrated the growing and widespread risk that hackers pose to
consumers and businesses. It is important people are aware of the risks so
they can take the necessary steps to protect their identities and manage any
compromised data. As our live session has shown, these hacking 'skills' can
be applied within minutes, so it's crucial for consumers to take steps to
protect themselves."

"With an increased demand for tighter online security, we're calling on
the Government to review access to these online hacking lessons and implement
tighter regulation of internet hacking communities."

The technique taught in the live session known as 'man in the middle'
hacking works by the 'hacker' intercepting communications between two people
or what an individual is viewing on the internet. As a user logs in to their
online account, their username and password appears on the hacker's own
desktop, allowing them to store this sensitive information and access
someone's account - either immediately or at a later date.

In addition to the 'man in the middle' hacking technique used, step by
step video internet tutorials are thriving with hacking tutorials available
for PayPal, Facebook, iPhones, Networks, Apps, MySpace, Twitter, Blackberry
and CCTV.

Robert Chapman, CEO of Firebrandtraining.co.uk
(www.firebrandtraining.co.uk/), who were commissioned by CPP to carry
out the tutorial said: "The wide availability of free hacking tools is a real
concern, and everyone is a target. These resources are only going to grow and
become more advanced, meaning that organisations and individuals must take
steps to protect themselves. It's imperative to keep anti-virus and firewall
software up to date and change passwords to online accounts regularly. Also
use common sense - if security warning messages appear in your browser, don't
ignore them as this could be an indicator that your network has been hacked.
We demonstrated how a very basic way of hacking could be used to steal
millions of pounds from the unprepared."

CPP's top tips on protecting your information from hackers:

1. Change your passwords regularly - the longer and more obscure, the
better

2. Leave a website if you notice strange behaviour (unknown certificates,
pop-ups etc.)

3. Avoid transmitting sensitive data over public (free or otherwise)
Wi-Fi

4. When seeking Wi-Fi connections: know who you are connecting to, be
wary of free Wi-Fi access

5. If using a smartphone: disable Wi-Fi 'auto-connect'

6. If you are concerned about identity fraud, consider purchasing an
identity fraud protection product to help you detect, prevent and resolve any
incidence of the fraud

The Golden Rule is that unless you know your connection is secure, do not
communicate any information or data that you wouldn't feel comfortable
shouting across a crowded room.

If you want more information on how to protect yourself or see how these
experiments worked, please visit CPP's blog (blog.cpp.co.uk/).

Research Methodology

ICM interviewed a random sample of 2005 adults aged 18+ online between 19
- 20 April 2011. Surveys were conducted across the country and the results
have been weighted to the profile of all adults. ICM is a member of the
British Polling Council and abides by its rules. Further information at
www.icmresearch.co.uk

A live experiment was also carried out on April 18 2011.
Firebrandtraining.co.uk were commissioned by CPP to conduct a tutorial
teaching five participants how to download hacking software available in the
public domain and capture users' login details for various online accounts,
including PayPal, Hotmail and Amazon, with the objective of the session
being:

- Demonstrate how long it takes to teach a class of individuals with no
prior hacking experience and limited technological knowledge to learn how to
hack into another user's online account

- Demonstrate how quickly these skills can be applied in order for the
participants to hack into another user's online account

The five participants who took part in the class were a range of ages and
occupations.

All participants signed a disclaimer to state that they would not use the
software and skills demonstrated by Firebrand Training for illegal or
malicious attacks.

Corporate Background Information

The CPPGroup Plc

The CPPGroup Plc (CPP) is an international marketing services business
offering bespoke customer management solutions to multi-sector business
partners designed to enhance their customer revenue, engagement and loyalty,
whilst at the same time reducing cost to deliver improved profitability.

This is underpinned by the delivery of a portfolio of complementary Life
Assistance products, designed to help our mutual customers cope with the
anxieties associated with the challenges and opportunities of everyday life.

Whether our customers have lost their wallets, been a victim of identity
fraud or looking for lifestyle perks, CPP can help remove the hassle from
their lives leaving them free to enjoy life. Globally, our Life Assistance
products and services are designed to simplify the complexities of everyday
living whether these affect personal finances, home, travel, personal data or
future plans. When it really matters, Life Assistance enables people to live
life and worry less.

Established in 1980, CPP has 11 million customers and more than 200
business partners across Europe, North America and Asia and employs 2,300
employees who handle millions of sales and service conversations each year.

In 2010, Group revenue was GBP325.8 million, an increase of more than 12
per cent over the previous year.

In March 2010, CPP debuted on the London Stock Exchange (LSE).

What We Do:
CPP provides a range of assistance products and services that allow our
business partners to forge closer relationships with their customers.

We have a solution for many eventualities, including:

- Insuring our customers' mobile phones against loss, theft and damage

- Providing assistance to cancel and reorder customer's payment cards
should these be lost or stolen

- Providing assistance and protection if a customer's keys are lost or
stolen

- Providing prevention, detect and resolution assistance to protect
customers against the insidious crime of identity fraud

- Assisting customers with their travel needs be it an emergency (for
example lost passport), or basic translation service

- Monitoring the credit status of our customers

- Provision of packaged services to business partners' customers

CPP is an award winning organisation:

- Finalist in the Plc Awards, New Company of the Year, 2011

- Winner in the European Contact Centre Awards, Large Team of the Year
category, 2010

- Finalist in the European Contact Centre Awards, Best Centre for
Customer Service, Large Contact Centre of the Year categories, 2010

- Finalist in the National Sales Awards, Contact Centre Sales Team of the
Year category, 2010

- Finalist in the National Insurance Fraud Awards, Counter Fraud
Initiative of the Year category, 2009

- Finalist in the European Contact Centre Awards, Large Team and Advisor
of the Year categories, 2009

- Named in the Sunday Times 2008 PricewaterhouseCoopers Profit Track 100

- Finalists in the National Business Awards, 3i Growth Strategy category,
2008

- Finalist in the National Business Awards, Business of the Year
category, 2007, 2009 and Highly Commended in 2008

- Named in the Sunday Times 2006, 2007, 2008 and 2009 HSBC Top Track 250
companies

- Regional winner of the National Training Awards, 2007

- Winner of the BITC Health, Work and Well-Being Award, 2007

- Highly Commended in the UK National Customer Service Awards, 2006

- Winner of the Tamworth Community Involvement Award, 2006. Finalist in
2008

- Highly Commended in The Press Best Link Between Business and Education,
2005 and 2006. Winner in 2007

- Finalist in the National Business Awards, Innovation category, 2005

For more information on CPP click on www.cppgroupplc.com

———————————

[i] 16% of those who have had their password protected information
accessed.

For more information or to arrange a time for interview with CPP's Identity Fraud expert Michael Lynch, please call Band & Brown Communications: Bryony Partridge - +44(0)203-451-9406 / +44(0)7846-004-416; Laura Buchan - +44(0)203-451-9428 / +44(0)7738-443-404