Everyday cybersecurity practices inadequate among many online consumers
Bitdefender released a report which reveals how consumers across various age groups and socio-demographic backgrounds behave on popular platforms, applications and devices, affecting cybersecurity risk. Findings show basic practices for securing data, protecting identity and sharing information are lacking despite increased threats and heightened concern over cybercrime.
“Understanding consumer online security behavior trends is crucial for strengthening cybersecurity across society at large,” said Bogdan Botezatu, director, threat research and reporting at Bitdefender.
“Cybercriminals continuously explore new ways to exploit human weaknesses to steal sensitive data, extort money, or gain a foothold inside systems. By understanding everyday cybersecurity practices, we can better gauge potential risks and vulnerabilities to educate consumers on ways to protect themselves more effectively such as how to use prevention, detection and digital identity protection technologies to stop attacks from being successful.”
The report, based on a survey that polled more than 10,000 consumer internet users across 11 countries, examines the use of popular online platforms and services, personal cybersecurity practices, level of exposure to threats and more.
Everyday cybersecurity practices
Poor password practices are still common – Fifty-percent surveyed said they use a single password for all online accounts, and 32% use just a few passwords and reuse them across multiple accounts. Twenty-seven percent of respondents use simple passwords such as 1234 to lock their mobile phones and 11% do not lock their mobile phones at all. The use of simple passwords is most common among 18 to 44 year-olds, and males self-reported using simple passwords more than females (31%, compared to 23%).
Many don’t use cybersecurity protection software on mobile phones – Surprisingly, nearly 35% say they do not use antivirus on their mobile phones. The most common reasons cited for this were: 30% believe mobile phones do not need it, 22% feel it is too expensive, and 16% think security is built in. Additionally, an average of 41% do not use private browsers and 52% do not use a VPN.
Mobile phone scams lead the threats – 61% of respondents said they have experienced as least one mobile cybersecurity threat in the last 12 months. Mobile phone scams involving unsolicited texts and calls were the most frequent threats noted in the survey at 36%, followed by phishing at 23%, data breaches at 12%, social network impersonation at 11%, financial fraud at 9% and ransomware at 8%.
Although few respondents had personally experienced financial fraud, it ranked the highest in terms of concerns, with 41% stating they were very worried about the threat. The age group most concerned with overall threats were 35 to 44-year-olds, followed by those in the 25 to 34 year-old range.
Lack of child supervision poses significant security risks – Parents were queried on how much they supervise their children’s internet browsing behaviors and application installation. Shockingly, the survey found an average of 36% of children have fully-unsupervised access on computers, mobile phones and tablets. The United States led all other countries in the survey with unsupervised access approaching 50% compared to all other countries reporting less than 40%.
Majority of consumers are highly exposed – When analyzing all respondent behaviors, from password reuse, to the number of online accounts and services, to sharing of account details and lack of security services on their devices, almost 60% of consumers were deemed “exposed” or “rather exposed.” Just 11% of respondents could be described as “secure” in terms of their cybersecurity practices.
Smart phones used most frequently to access online services – 74% of respondents primarily access online services using a personal smartphone, with 61% of those using the Android operating system. Personal laptops came in second at 45%, followed by Smart TVs at 30% and personal desktops at 28%. 23% report using at least one workissued device to access personal online accounts.
Most have social media and online shopping accounts – Sixty-three percent of respondents reported having a social media account and 54% an online shopping account. Other top services used include video streaming at 40%, telecommunication and health platforms at 29% and utility services at 28%.
Age and gender influence digital platform behaviors – With an average of eight online platforms used per respondent, there were key differences across age groups and gender when it comes to the top three platforms used (Facebook, WhatsApp and Gmail). At 51%, female usage on Facebook is higher than males at 42%. The 35-44 age group is 21% more likely to use WhatsApp compared to 18 to 22 year-olds who also are 26% less likely to use Gmail compared to those 55-65.
Most users understand privacy settings – A positive finding around online privacy shows 51% of users know how to change internet browser privacy settings and 46% read through privacy policies when signing up for new accounts. However, 46% also declare they dislike choosing new passwords for each new account and 38% dislike requirements to use multi-factor authentication.
Personal identification details are commonly shared — Personal identification details, including name, birthdate and even physical address are commonly shared online, with males being more likely to share their details than females. Gender is the most common detail shared with 54% of respondents always or almost sharing, followed by name (43%), personal email address and birthdate (40%) and physical address (29%). Young adults between ages 18-24 are more likely to share their personal information than other age groups.