The validity of the stolen information is strictly enforced, the report found
British bank account details are on sale online for as little as £5 in so-called cyber-crime supermarkets, a report says.
Criminals are also targeting social networking sites, according to a web security firm report into online crime.
Symantec says EU identities sell for more than American ones because they can be used across the EU.
Investigators say criminals are turning from online banking to social networks because their users are less careful.
Sophisticated and personalised
According to Symantec's latest twice-yearly Internet Security Threat Report, UK bank account details were the most advertised items on black-market forums used to trade stolen information.
The most frequently targeted accounts belonged to high-value businesses, as the details could be sold for more than those of accounts with lower balances belonging to consumers.
But the report also found there has been an increase in sophisticated and personalised attacks on consumers.
The data is most often sold via instant-message groups or Web forums that are live for only a few days or even hours, according to Symantec.
Cyber-crime bulk buys
It says the hacking community exacts harsh consequences when members try to pass along incorrect information - if an account does not contain the funds it is advertised as holding, the ability of that vendor to sell data again plummets.
Symantec also saw bulk-buying of personal details which had been packaged up in bargain bundles.
In the final half of 2007, the security firm saw 50 credit card numbers for sale at £20 (£0.40 each), and 500 credit card numbers for £100 (£0.20 each).
After credit cards, full identities were the third most common item advertised for sale - making up 9% of all advertised goods, an increase from 6% in the first half of 2007.
Symantec concluded that identity trading was on the increase and that even stolen eBay accounts were now being put up for sale.