All that scam required was a telephone and a tape recorder. At £400 a pop, these ingenious crooks could easily rake in five grand a night while watching TV and only working during the commercials. But given the wild disconnect between the paranoid caution we're told to exercise to protect our data and the blithely lax protocol of a host of transactions in daily life, I don't know why they bothered to be so inventive.

Whenever I buy, say, a case of wine over the phone, I provide my debit card number, its security code, and the expiry date, along with my name and my address. Although I'm dealing with an established vendor, I implicitly have to trust this particular employee. I have no idea who this person is, how long he or she has been working for the wine club, or who the employee's friends are. Yet I have just given a total stranger the means to clean out my current account.

It's no safer online, is it? Putting charges through "secure servers" entails having faith that all that encryption folderol is the real deal. The impression of security is created with an image or two and a sequence of fluctuating dots that any half-competent hacker could conjure up with his hands tied. 

Surely Amazon's dominance isn't solely explained by the site's range of products. It feels safer to keep buying from the same website than to enter all those dangerous details into multiple websites you've never used before. But in the name of convenience, Amazon itself stores so much information in your account that if some ne'er-do-well steals your laptop and runs a program that randomly generates your password (the name of your dog), he's got the keys to the kingdom.