Three quarters of web users not security savvy

The survey, which was conducted among 4500 people around the world, found that “the vast majority” of consumers are at risk from new and unknown information security threats on social networking sites, instant messaging services and other online communication and networking tools.

According to PC Tools, 74% are not aware of the need for behaviour-based protection and a fifth does not understand the nature of zero-day security threats.

Michael Greene, vice president, product strategy, at PC Tools, said: “While consumers are generally security conscious, they are not yet security savvy. The increased use of the internet among consumers, almost all of whom are now online on a daily basis, is providing a lucrative market for cybercriminals and as a result, we are seeing more and more sophisticated techniques that lure consumers into clicking on malicious links or downloading malicious files, for example.”

Greene said the use of social engineering techniques means that traditional based anti-virus software is no longer enough. “Users must make sure they’re equipped with the latest behavioural-based protection to provide defence against new and unknown threats in addition to understanding key methods of infection.”

He warned that this is particularly relevant for the 41% of the global respondents who use only one or two passwords across all the sites they visit, and the 8% who only use a single password for all sites.

Regional differences

Of those most likely to use the same password across all sites, the French were the worst with 56% of respondents being guilty of this security ‘crime’. In the Benelux countries 45% used one password and in the UK and Germany, 35% and 16% were guilty of this respectively.

When it came to updating security software, the UK came out worst with a third saying they never update their security software. In France, only seven percent admitted to this. In Germany and the Benelux countries the figure was five percent.

The Brits also came the worst out for using security protection when they surf the net with almost a tenth not using this. The figures for the other countries were: Benelux one percent, France five percent and Germany four percent.

When it comes to deleting links or files sent via email, instant messenger or social networking sites, the Germans were the most cautious, with nine percent of respondents saying they did this. Eight percent in the Benelux countries did the same, where the figures for France and the UK were two percent and one percent respectively.

Security awareness

Despite the complaisant behaviour, PC Tool’s study found relatively high levels of awareness of the need for some level of security protection on their computers.

Over half (57%) have a security suite installed, 64% have set their security software to update automatically, 84% will always take action on security alerts, and 37% will verify a received link before following it.

The UK in specific

Looking at the UK, the survey found that 77% of people in the UK have installed security software on their computer, but that a third never update this security software. Furthermore over half said they ignored security alerts unless they came across as strikingly dangerous.

The UK results also showed differences in behaviour between men and women:

  • 47% of men use the same password for all sites, only 26% of women did the same;
  • Almost two thirds of men would open a link or attachment from a friend without checking its legitimacy first, whereas women were more cautious, with 48% doing the same;
  • 30% of men completely ignore security alerts because they either feel they are too busy, or they find them annoying;
  • Men are still more aware of security risks online, however, with 85% knowing the different channels through which security threats can be transmitted; and
  • 44% of women were unaware that security threats can be transmitted on sites such as Facebook and Twitter.

What’s hot on Infosecurity Magazine?