"Hackers and spyware don't lead to identity theft. Stupid people do." So claims an article I just stumbled across posted in May 2005 on the blog "Trenchier".\n\nAccording to the writer "Yesterday [May 5th, 2005], there was a post on the p2p weblog about people sharing tax returns on p2p networks. It took me all of ten minutes find tax returns, bank statements, court documents, alimony papers , (copies of) passports etc. These documents have the names, bank account numbers, SSNs, dates of birth and so on."\n\nNot at all surprising when you think about it. The following flame war is quite entertaining in a been-there-read-that kind of way.\n\nAnyway, this raises an interesting question about the nature of identity theft. In the industry much of the focus has been on identity theft by people being deceived by phishing attempts and hackers but perhaps the bigger problems is, as the author above notes, the stupidity of users.\n\nFor some reason many people think that any content received on-line is somehow more likely to be true than the same content from a real world source. In the real world the rule is "caveat emptor" (let the buyer beware). On-line it should be "caveat newbie".