Hackers hone their skills while Malaysian consumers remain complacent
By Digital News Asia November 18, 2016
- Recent cybercrime victims most likely to repeat risky behaviour
- Consumers are letting hackers sneak into their homes through connected devices
NORTON by Symantec, on Nov 17 released findings from the annual Norton Cyber Security Insights Report, which sheds light on the truth about online crime and the personal effect it has on consumers.
The most common cybercrime consumers experienced was mobile device theft (24%), followed by account password compromised (22%) and hacks into email accounts (21%).
The report also found that consumers who were victims of cybercrime within the past year often continued their unsafe behaviour. For example, in Malaysia, even though victims used passwords, they were likely to share their password with others, negating their efforts.
Furthermore, given the rate of cybercrime, the complacency in consumer behaviour is concerning. In Malaysia, among those with at least one unprotected device, almost two in five (38%) said they don’t need protection because they don’t do anything “risky” online.
Interestingly, 74% of consumers know they must actively protect their information online, yet they are still sharing passwords and engaging in other risky behaviour. Thirty-four percent of people have at least one unprotected device leaving their other devices vulnerable to ransomware, malicious websites, zero days and phishing attacks.
“Our findings show that people are growing increasingly aware of the need to protect their personal information online, but aren’t motivated to take adequate precautions to stay safe,” said Chee Choon Hong (pic, above), director, Asia Consumer Business, Norton by Symantec.
“While consumers remain complacent, hackers are refining their skills and adapting their scams to further take advantage of people, making the need for consumers in Malaysia to take some action increasingly important.”
Consumers admit the risks are real
The prevalence of cybercrime has merged with peoples’ perception of real-world risks. Many now see cybercrime dangers as equivalent to risks in the real world.
- Over half of consumers (59%) said that over the past five years, it has become harder to stay safe online.
- Only 35% are confident with their ability to keep personal information safe online.
- Six in ten (65%) said they believe entering financial information online when connected to public Wi-Fi is riskier than reading their credit or debit card number aloud (35%) in a public place.
Bad habits are hard to break – online or otherwise
Experiencing cybercrime is a potential consequence of living in a connected world, but consumers still remain complacent when it comes to protecting their personal information online.
- Millennials exhibit surprisingly slack online security habits, and are happy to share passwords that compromise their online safety (31%). This is likely why two in five millennials have experienced cybercrime in the past year.
- Only 39% of consumers connect to a Wi-Fi network using VPN regularly; others can potentially allow a hacker to steal data as it travels on the network.
- Consumers are still willing to click on links from senders they don’t know or open malicious attachments. When presented with a fraudulent and legitimate email, one in four (26%) cannot identify a phishing email.
- Most Malaysian consumers (94%) use public Wi-Fi connections, yet only 50% think they know how to determine whether the Wi-Fi network they are using is secure.
- Thinking about cyber security doesn’t mean you’re secure. People who experienced cybercrime within the past year were just as concerned about the security of their home Wi-Fi network (77% vs. 75% non-victims). However, the victims are less likely to password protect their home Wi-Fi network than non-victims (17% vs. 9% of non-victims have unprotected networks).
Overconfidence in connected devices leaves consumers vulnerable
With every connected home device purchased, consumers are unknowingly giving hackers a new avenue to launch attacks. In some instances, poor consumer security habits and vulnerabilities in connected devices are letting hackers into consumers’ homes.
- More than one in four (27%) used the default password issued by their provider when setting up my Wi-Fi and have not changed it since.
- More than half (54%) of consumers surveyed don’t believe there are enough connected device users for them to be a worthwhile target for hackers. Yet, 73% believe that just as hackers learnt to benefit from targeting social media and financial accounts, they are on their way to learning how accessing connected home devices can be lucrative.
- Over seven in 10 (72%) consumers said they believe connected home devices were designed with online security in mind. However, Symantec researchers identified security vulnerabilities in 50 different connected home devices ranging from smart thermostats to smart hubs that could make the devices easy targets for attacks.
Malaysians are falling prey to ransomware
More than one in five (22%) of Malaysians know someone who had experienced cybercrime while six percent of the victims had experienced the attack themselves, indicating the steady rise of this menace. Twenty-four percent of these victims actually paid the ransom to gain access to their files. Proving that paying the ransom is no guarantee, 13% of victims paid ransom, but could not retrieve their files.
Tips to stay safe online:
By adopting a few basic behaviours, cybercrime risk can be mitigated:
- Avoid password promiscuity: Protect your accounts with strong, unique passwords that use a combination of at least 10 upper and lowercase letters, symbols and numbers to help keep the bad guys at bay. Make it difficult for attackers to access your information by changing your passwords every three months and not reusing passwords for multiple accounts. That way, if a cybercriminal gets your password, they can’t compromise all of your accounts. And if it’s too overwhelming to keep up this practice, use a password manager to help!
- Don’t go on a phishing expedition: Think twice before opening unsolicited messages or attachments, particularly from people you don’t know, or clicking on random links. The message may be from a cybercriminal who has compromised your friend or family member’s email or social media accounts.
- Don’t keep a (dis)connected home: When installing a new network-connected device, such as a router or smart thermostat, remember to change the default password. If you don’t plan on using the Internet feature(s), such as with smart appliances, disable or protect remote access when not needed. Also, protect your wireless connections with strong Wi-Fi encryption so no one can easily view the data traveling between your devices.
- Be in control when online: Entrust your devices to security software to help protect you against the latest threats. Protect all your devices with a robust, multi-platform solution, like Norton Security.
- Know the ins and out of public Wi-Fi networks: Accessing personal information on unprotected public Wi-Fi is like broadcasting your entire screen on TV – everything you do on a website or through an app, could potentially be exposed. Avoid anything that involves sharing your personal information (paying a bill online, logging in to social media accounts, paying for anything with a credit card, etc.).