Do your infosec habits make you vulnerable to fraud?

A third of Americans have been a victim of information fraud or identity theft. Despite notable data breaches in 2019, when asked if they update or change passwords/PINs after a company they do business with suffers a data breach, more than a quarter (28%) say only sometimes and nearly one in 10 (9%) say they don’t update their passwords at all, according to a Shred-it survey.

infosec habits

Safeguarding sensitive data

Four in ten (41%) Americans who have been a victim of information fraud or identity theft became one because their credit card number was stolen or used, another 22% reported someone stole their information from physical paper documents (e.g., W-2, mail, paper files at work, etc.) – highlighting a need for improved digital and physical information security – and 20% reported a company they do business with was hacked.

However, nearly half (43%) of Americans still have their credit card/financial information stored on a company/brand website for easier or faster checkout and more than a third (35%) store paper documents containing sensitive personal information in an unlocked box, desk drawer or cabinet at home or work, leaving another method of fraud open to occur.

Nearly half (46%) of Americans believe they are vulnerable to information fraud or identity theft based on their physical and infosec habits. While nearly two-thirds are more concerned that they could fall victim to an online security breach, 13% are more concerned they could fall victim to a physical security breach.

Additionally, nearly two in five (39%) Americans take more information security precautions at home, while 17% take more precautions at work and 40% of Americans are equally as cautious at home and work.

However, more than a quarter (27%) of Americans do not shred paper or physical documents containing sensitive information before throwing them away at home, and nearly three in ten (28%) Americans do not shred similar documents before throwing them away at work.

Bad infosec habits make you susceptible to fraud

  • More than half (51%) of Americans admit to reusing passwords/PINs across multiple accounts
  • Women (53%) are more likely than men (49%) to reuse passwords/PINs
  • Gen Zs (60%) are the most likely to reuse passwords/PINS, compared to Millennials (59%) and Baby Boomers (46%)
  • One in five (20%) Americans admit to sharing their passwords/PINs for internet, entertainment or TV viewing services with family or friends
  • Gen Zs (36%) are the most likely to share passwords/PINs with family and friends, compared to Millennials (30%) and Baby Boomers (11%)
  • Nearly a third (31%) of Americans think they could guess their significant other or close family member’s passwords/PINs

Americans aren’t confident in brands’ ability to protect them from data breaches

  • If a company or brand they have done business with suffered a data breach, more than a third (34%) of Americans would stop doing business with them or delete their account/membership
  • More than four in 10 (41%) Americans believe that brands today do not take proper security measures to safeguard their personal information, and think their personal information could be vulnerable to a breach
  • Providing protection against fraud is key for businesses as 73% of Americans would be more likely to shop or do business with a company that has cyber insurance protection

infosec habits

Purchasing decisions may be impacting information security

  • When asked to choose, 41% of Americans think making an online retail purchase would make them most vulnerable to information fraud or identity theft compared to: Banking online (21%), leaving paper trails or receipts from in-person purchases or transactions (20%), traveling (8%)
  • Although 55% of Americans say they have not left behind their copy of a receipt in public, nearly two in five (38%) have done so

Don't miss