Consumers are confident they’re safe online, but hackers have proven otherwise, stealing $172 billion from 978 million consumers in 20 countries in the past year, according to the 2017 Norton Cyber Security Insights Report.
Globally, cybercrime victims share a similar profile: they are everyday consumers who use multiple devices whether at home or on the go, but have a blind spot when it comes to cyber security basics. This group tends to use the same password across multiple accounts or share it with others. Equally concerning, 39 percent of global cybercrime victims despite their experience, gained trust in their ability to protect their data and personal information from future attacks and 33 percent believe they had a low risk1 of becoming a cybercrime victim.
In the United States, 143 million consumers were victims of cybercrime – more than half the U.S. adult online population. Losses totaled $19.4 billion and each victim lost an average of nearly 20 hours (19.8 hours) dealing with the aftermath.
“Consumers’ actions revealed a dangerous disconnect: Despite a steady stream of cybercrime sprees reported by media, too many people appear to feel invincible and skip taking even basic precautions to protect themselves,” said Fran Rosch, executive vice president, Consumer Business Unit, Symantec. “This disconnect highlights the need for consumer digital safety and the urgency for consumers to get back to basics when it comes to doing their part to prevent cybercrime.”
Embracing cybersecurity safety measures, but leaving the virtual door unlocked
Consumers used device protection technologies such as fingerprint ID, pattern matching and facial recognition, with 45 percent using fingerprint ID, 21 percent using pattern matching, 19 percent using a personal VPN, 14 percent using voice ID, 16 percent using two-factor authentication and 16 percent using facial recognition. However, consumers who adopted these technologies often still practice poor password hygiene and fell victim to cybercrime.
Consumers express confidence, but are more prone to attacks as they protect newer and more devices. Forty-six percent of U.S. cybercrime victims owned a smart device for streaming content, compared to about one quarter of non-victims. They were also three times as likely to own a connected home device.
Despite experiencing a cybercrime within the past year, nearly a quarter of victims in the U.S. used the same online password across all accounts and 60 percent shared their passwords for at least one device or account with others, negating security efforts. By comparison, only 17 percent of non-cybercrime victims reuse passwords and 37 percent share their passwords with others. Additionally, 41 percent write their passwords down on a piece of paper and are almost twice as likely to use different passwords and save their password to a file on their computer/smartphone than non-victims.
Consumer boundaries skewed between cybercrime and “real life”
Eighty-one percent of U.S. consumers believe cybercrime should be treated as a criminal act. However, when pressed, contradictions emerged. Nearly one in four believe stealing information online was not as bad as stealing property in ‘real life.’
When presented with examples of cybercrime, 41 percent of consumers believed it’s sometimes acceptable to commit morally questionable online behaviors in certain instances, such as reading someone’s emails (28 percent), using a false email or someone else’s email to identify their self online (20 percent) and even accessing someone’s financial accounts without their permission (18 percent).
The state of consumers’ trust
Despite this year’s cyberattacks, Americans generally continue to trust the institutions that manage their data and personal information. However, they are not as trusting of some institutions and organizations.
- Consumers gained or maintained trust in organizations such as banks and financial institutions (76 percent), and identity theft protection service providers (71 percent) despite the attacks that made headlines this year.
- Alternatively, more than half of U.S. consumers (53 percent) lost trust in their government to manage their data and personal information within the past year. 39 percent lost trust in social media platforms.
- More than one third (37 percent) of U.S. cybercrime victims gained trust in themselves to manage their data and personal information.