While consumers remain complacent, hackers refine their skills

A new Norton Cyber Security Insights Report found that consumers who were victims of cybercrime within the past year often continued their unsafe behavior. For example, while these consumers were more likely to use a password on every account, they were nearly twice as likely to share their password with others, negating their efforts.

76 percent of consumers know they must actively protect their information online, but are still sharing passwords and engaging in other risky behaviors. Additionally, 35 percent of people have at least one unprotected device leaving their other devices vulnerable to ransomware, malicious websites, zero days and phishing attacks.

Our findings show that people are growing increasingly aware of the need to protect their personal information online, but aren’t motivated to take adequate precautions to stay safe,” said Fran Rosch, executive vice president, Norton Business Unit, Symantec. “While consumers remain complacent, hackers are refining their skills and adapting their scams to further take advantage of people, making the need for consumers to take some action increasingly important.”

Given the rampant rates of cybercrime the complacency in consumer behavior is concerning. Within the past year, 689 million people in 21 countries were victims of cybercrime, an increase of 10 percent across the 17 countries that were measured in 2015.

Overconfidence in connected devices leaves consumers vulnerable

With every connected home device purchase, consumers are unknowingly giving hackers a new avenue to launch attacks. In some instances, poor consumer security habits and vulnerabilities in connected devices are letting hackers into consumers’ homes.

• One in five connected home device users don’t have any protective measures in place for their devices.
• Nearly half (44 percent) of consumers surveyed don’t believe there are enough connected device users for them to be a worthwhile target for hackers. Yet, just as hackers learned to benefit from targeting social media and financial accounts, they are on their way to learning how access to connected home devices can be lucrative.
• Over six in 10 (62 percent) consumers said they believe connected home devices were designed with online security in mind. However, Symantec researchers identified security vulnerabilities in 50 different connected home devices ranging from smart thermostats to smart hubs that could make the devices easy targets for attacks.

Consumers admit the risks are real

The prevalence of cybercrime has merged with peoples’ perception of real-world risks. Many now see cybercrime dangers as equivalent to risks in the real world.

• Half of consumers said that over the past five years, it’s become harder to stay safe online than in the real world.
• Six in ten (61 percent) said they believe entering financial information online when connected to public Wi-Fi is riskier than reading their credit or debit card number aloud in a public place.
• Almost half of parents (48 percent) believe their children are more likely to be bullied online than on a playground, compared to only 23 percent in 2015.

Bad habits are hard to break: Online or otherwise

Experiencing cybercrime is a potential consequence of living in a connected world, but consumers still remain complacent when it comes to protecting their personal information online.

• Millennials exhibit surprisingly slack online security habits, and are happy to share passwords that compromise their online safety (35 percent). This is likely why they remain the most common victims of cybercrime, with 40 percent having experienced cybercrime in the past year.
• More than one in three consumers never connect to a Wi-Fi network using VPN, which can potentially allow a hacker to steal data as it travels on the network.
• Consumers are still willing to click on links from senders they don’t know or open malicious attachments. Nearly three in 10 people cannot detect a phishing attack, and another 13 percent have to guess between a real message and a phishing email, meaning four in 10 are vulnerable.
• Thinking about cyber security doesn’t mean you’re secure. People who experienced cybercrime within the past year were more likely to be concerned about the security of their home Wi-Fi network (66 percent vs. 50 percent non-victims), but less likely to password protect their home Wi-Fi network than non-victims (22 percent vs. 14 percent of non-victims have unprotected networks).