The company said the intention of the stunt was to "raise awareness of the need to be very careful about the information people give to complete strangers."
A copper, detective Inspector, Chris Simpson of the Yard, said he was "disturbed" by the findings.
The researchers admitted to a certain amount of subterfuge in extracting information such mothers' maiden names, or first schools attended from the 200 folk interviewed.
Pretending to be looking into Londoners' theatre-going habits, the researchers told pedestrians that if they took part in the survey they would be entered into a draw for theatre ticket vouchers worth £20. Using this tactic they managed to get the names and address of all those questioned. Ninety-nine per cent coughed up their address and postcode and 92 per cent their home phone number.
Interviewees were told actors often combined their pets name and mother's maiden name to come up with their stage name and were asked what they thought their stage name would be. Ninety four percent of respondents were thus duped into giving up their mother's maiden name and their pet's name.
Continuing the theatre-based theme, the question: "Did you get involved in acting in plays at school?" was followed by: "What was the name of your first school?". Ninety-six percent coughed this information too, giving over the key pieces of security information used by banks.
Infosecurity said the three-minute questionnaire gave researchers sufficient information to open bank accounts, credit cards, or even to start stealing their victim's identity. The researchers did not offer any verification of their identity, their only tool was a clipboard and the offer of the chance to win a voucher for theatre tickets, the company said.
Claire Sellick Event Director for Infosecurity Europe who took part in the research said, one man provided all his information without question, "but returned five minutes later asking for it back, as he thought that we could use it to gain access to his on-line bank account, we gave him back his survey form," she said, "but did not provide any evidence of who we were. If we had been fraudsters he would have been too late."
Detective Inspector, Simpson, Head of Scotland Yard's Computer Crime Unit said, "The results of the survey are disturbing to say the least, however they do highlight the need to raise public awareness of identity theft, what it actually means, how it can happen and the potential consequences".
By a spooky coincidence, DI Simpson is speaking in a keynote session on, Law Enforcement - Cybercrime and International Co-Operation, Prevention, Detection and Punishment,' at Infosecurity Europe 2005 - Olympia, London, UK 26th-28th April. µ
Sign up for INQbot – a weekly roundup of the best from the INQ