A number of online retailers are failing to carry out even the most basic security checks, fuelling the growth in card-not-present (CNP) fraud.

Speaking at the Retail Business Show in London yesterday, an ex-fraudster, known only as ‘T’, told delegates it was easy for criminals to bribe workers in the call centres of banks and mobile service providers here and abroad, in order to gain customers' credit card numbers, bank details and addresses.

By buying small items, criminals 'test' the validity of this information on sites that they know do not carry out credit checks. Once they know a bank or credit card has not been blocked, they embark on a spending spree on the sites of other online retailers.

The ex-fraudster told delegates: "Some sites – which are still around – do not conduct credit checks when you buy, and these are the sites fraudsters use to check if cards are working before they spend on other sites.

"Also, although some sites claim to be secure and have a policy of matching up the billing address with the postal address for the order, this can be easily bypassed.

"Once you get a credit card number and some more personal details, [CNP] is easy. It is not hard to pretend you are someone else over the phone or internet, " he said.

His claims were backed up by Martin Gill, Professor of Criminology at Leicester University, who carried out an independent survey into the issue. He found that half of inmates convicted of CNP fraud and identity theft used "inside men in places such as call centres [to obtain people's personal details]."

With figures released at the end of last year by banking organisation APACS showing CNP and online fraud is growing, consumers are increasingly concerned that lax security is leaving them at the mercy of fraudsters.

This is something Donal Casey of business consultancy Morse thinks should not be happening: "Most medium-to-large businesses…should be tracking and auditing who, within both their organisation and their call centre, has access to and is using confidential customer data."

This, he believes, should enable these businesses to spot any suspicious behaviour and take the right precautions to prevent it by "quickly review[ing] their security practices to identify any vulnerabilities.”

'T' advised consumers to buy from sites that have extra security measures, such as Verified by Visa and Mastercard Securecode, as these are security features "fraudsters will not attempt to touch."

This advice is also shared by UK payments association APACS in its "Ten Top Tips to Foil the Fraudsters" report and by Tony Neates, managing director of Getsafeonline.

"CNP is a worry, but by taking a few simple precautions consumers can protect themselves," Neate said.