On the same day this week that a consumer association published a report about the extent of identity fraud, 200 Strathclyde police officers were involved in raids at 42 addresses, nabbing 30 people after nearly £2m was allegedly siphoned illegally from people's bank accounts and several financial institutions.

The police investigations have been running for several months as more than 100 people saw money disappear from their bank accounts. Evidence led to the arrests of the 30 who are said to have accessed personal details, leading to identity theft, credit & loan requests and balance transfers.

Identity fraud is one of the fastest-growing crimes in the UK and costs the country an estimated £1.3 billion a year, said the Which? report yesterday and is a cause of concern to two thirds of people, according to a survey.

A Which? researcher managed to 'steal' editor Malcolm Coles' identity with relative ease. He got hold of his birth certificate, his mother's maiden name, place of birth, mortgage value, a plan of where his flat is on his street, medical data and details of his shopping habits – even how often he visited the gym. An attempt to access his credit card account using this information was only foiled by the fact that Malcolm hadn't got round to telling his bank he'd moved.

Malcolm Coles, editor, Which?, said, "I couldn't believe how easy it was for someone else to assume my identity. Sitting on my desk was a folder with my birth certificate, a print-out of how often I went to the gym and my mortgage details. If this is what an amateur can do, imagine how easy it is for an experienced criminal."

ID thieves gain access to bank accounts to steal money, run up bills, launder money or carry out benefit fraud. Internet scams include spam emails containing viruses that access information on peoples' computers, and emails that look like bank correspondence asking people to 'confirm' their security details.

Offline, thieves make bogus phone calls from 'banks' requesting security details to check suspected fraud, read credit card strips to clone cards or shop online, and even raid bins for sensitive documents - armed with some details, it's easier to get more.

Fortunately, there are easy ways to avoid ID fraud, says Which?:

• Don't use your mother's maiden name or place of birth as security password
• Check your credit file annually for suspect applications
• If you move, ensure you pass on details about change of address
• Shred or rip up post before throwing it in the bin
• Never use the same password for more than one account; half the people Which? surveyed used the same password for all their accounts
• Don't carry details of your home address along with bank cards