Online shoppers open for cyber-crime: Norton study
Geo-location updates, lack of password changes, mobile phone transactions can be high-risk
A new study by Norton has shown that last-minute holiday shoppers are not taking even the simplest steps to protect themselves or their bank accounts from cybercrime.
The Connected but Careless study has also shown that over 50% of people under 35 are updating their social networking status with real-time geo-location references to where they are, inviting criminals into their homes and activities.
"We're seeing huge gains in people shopping and banking online, especially around the holidays," said personal finance expert Jean Chatzky, who collaborated with Norton on the development and analysis of the study. "The survey shows that people are still unaware of how their online activity can pose a ‘real world' threat to their finances. It's like an invitation to cybercriminals."
The study, sponsored by Norton and conducted by Javelin Strategy & Research, surveyed over 1,000 internet users in the US, and showed that despite repeated warnings about internet threats, users are still unconcerned or uninformed about cyber threats.
Three areas that study showed to be of particular concern are: location-based services, mobile phone transactions, and online passwords.
While the study was conducted in the US, online shopping is increasing rapidly in the UAE and, with that increase comes an increased threat to users.
"E-commerce is growing in popularity here in the UAE with portals such as Souq.com, operating in Saudi Arabia, Egypt and Jordan as well as headquarters in the UAE that are catering to a considerable 1.5 million users every month, Thus as the online retail market matures in the region, it is first and foremost in the mind when engineering Norton consumer security solutions that this kind of growth must come hand in hand with education of the ever expanding cybercriminal network as more and more home users turn to the Internet for shopping services," said Tamim Taufiq, head of Consumer Sales, MENA for Symantec.
Risky online behaviour found during the study includes people updating their social networking with geo-location information. Twenty-two per cent of those interviewed for the study, who use their mobile or smartphones to connect to the internet, said they gave permission for applications on their devices to geo-tag there whereabouts. Fifty-six per cent of those under the age of 35 regularly update their social networking with their real-time location giving criminals a good idea of when the time is right to break into a home.
"Giving away your location is a potential ‘gateway' that people should be aware of and think about," said Chatzky. "The only people who need to know that you're out-of-town, or not where you usually are, are your family, close friends and maybe a trusted neighbour. Technology is changing so fast, that many people may not even be aware of the various ways they're opening themselves up to potential financial losses."
Another potentially risky behaviour is a lack of mobile security.
Almost 38% of those questioned in the study used their mobile phones to access their bank accounts and make online purchases. Fifty-one per cent use their mobile phones to update their social networking status, but one in four people know nothing about safe mobile phone use practices. Fifty-two per cent of those accessing the internet via their mobile phone do not use even the basic levels of protection, the study shows.
"There are so many simple steps people can take online to protect themselves from identity theft, credit card loss and real world threats, and still stay connected," said Taufiq. "As the internet becomes an even bigger part of our daily lives, we hope people will start taking Internet security more seriously than they are today. Unfortunately, that's not what we're seeing in the data."
Another risky online behaviour is not changing passwords. Many online shopping portals are ties to email accounts. If a cybercrook manages to access an email account they can then access all of users' online shopping sites and banking information. Forty-six per cent of those surveyed admitted that they never change their password on their e-mail accounts
"Strong, frequently updated passwords are an easy way of protecting yourself and your finances from cybercrime," said Taufiq. "Using the same passwords on all your accounts or site - as we now know too many people do - opens yourself up to potential hackers in a way that's easy to avoid."