The safest way for people to avoid ID fraud when they sell or throw away their computer is to "destroy it with a hammer", a consumer magazine said today.
Which? Computing warned that thieves were trawling council tips and internet auctions to find unwanted PCs.
They then use specialist software to recover files that the original owner had deleted. This gives them access to everything from family photographs to bank statements and credit card details.
Sarah Kidner, editor of Which? Computing, warned that the risk of becoming a victim was increasing.
"PCs contain more valuable personal information than ever as people increasingly shop online, use social networking sites and take digital photos.
"Even if you delete your files, you'd be surprised how easy it is to recover your personal data. Such information could bring identity thieves a hefty payday.
"It sounds extreme, but the only way to be 100% safe is to smash your hard drive into smithereens," she said.
Alexander Skipwith, from London, became a victim of ID fraud when he was told his personal information would be wiped from his hard drive before it was sent to the manufacturer.
But he later had to pay a ransom of £100 plus costs to get it back when a man in Latvia recovered the files and sent him a personal photo to demonstrate what he had done.
Which? Computing bought eight second-hand hard drives from auction site eBay as part of their investigation into the issue, and was able to access 22,000 deleted files.
A spokesman for the magazine said the average UK citizen was worth £85,000 to an ID fraudster, and the only way to guarantee safety was to "remove the hard drive from your PC and destroy it with a hammer".