In the latest confirmation that human beings really don’t care about protecting themselves online, a Kaspersky test has found that almost a third of internet users do nothing to protect themselves when making online payments.
The test, conducted online, included a number of potentially dangerous situations that users often encounter on the Internet, including online financial operations. Over 18 000 users globally completed the test.
No ad to show here.
The results also show that only half of users check if a website is authentic before entering their financial details and that many are completely ignorant of the basic rules they should be following when it comes to online safety.
Read more: Security and the Internet of Things: what you need to know
Those taking part in the test were asked to select one of four fictitious banking sites to enter their account details. Only half of the participants were able to recognise the truly secure site with an unmodified name (changes to an organisation’s name are a common giveaway of phishing) and the https prefix indicating an encrypted connection. Moreover, 5% of respondents selected sites with a misspelt address, which suggests they are potentially fake pages created to steal financial data from users.
Users were then asked what steps they would take before entering their financial data to make an online payment. Only 51% of respondents globally said they verify the authenticity of a site. 21% of those surveyed use a virtual keyboard to protect their passwords from interception by malware, while 20% check their security solution is working properly to ensure the payment is secure from any outside interference.
Almost a third of users (29%) said they would take no additional action because “the websites of big, well-known companies are sufficiently protected”. However, in most cases even a protected site cannot guarantee that cybercriminals will not interfere in the payment process or that a device is not infected by a malicious programme designed to steal money. 11% of respondents would use “incognito” mode to protect a payment, 4% would resort to an anonymizer, and 7% of those surveyed would repeatedly enter and wipe the data “to confuse viruses”. Unfortunately, these actions do nothing to protect a user’s financial information.
Read more: Security is no longer just an IT concern, but is behaviour changing?
According to Kaspersky, it turned out that some users were just as careless about protecting their payment details in the real world: 20% see no problem in letting their bank card out of their sight when paying in a restaurant thereby giving fraudsters a chance to make a copy.
“These figures reinforce what has long been observed that many users still are not only endangering themselves and their money but also the banking and payment system businesses they use. Dealing with incidents, even if they are caused by inexperienced users, can consume considerable resources and have a negative impact on a company’s reputation. User confidence in companies doing everything possible to protect them from online fraud imposes a great deal of responsibility. That means the use of specialised security against online theft is becoming a necessity,” says Ross Hogan, Global Head of the Fraud Prevention Division at Kaspersky Lab.