Survey: Confidence In Social Networking Security Shaken As Online Crime Rises

RSA, The Security Division of EMC, announced the results of its 2010 Global Online Consumer Security Survey that polled more than 4,500 consumers regarding their awareness of online threats, concerns with the safety of their personal information online and their willingness to share it, and desire for better identity protection.

Of the more significant survey findings, consumer awareness of phishing attacks has doubled between 2007 and 2009 and the number of consumers who reported falling prey to this attack increased six times during that same period of time. In addition, while hundreds of thousands of people join social networking websites each day, the survey exposed that nearly two in three (65 percent) people who belong to these online communities indicated they are less likely to interact or share information due to their growing security concerns.

Social networking websites have become a hotbed for online criminals because of their global reach and the participation by hundreds of millions of active users from all walks of life. This makes these communities prime targets for exploitation by criminals who seek to steal personal information through socially engineered attacks. Reflective of this trend, the survey exposed that four out of five (81 percent) people using social networking websites displayed concern with the safety of their personal information online.

"Fraudsters continue to fine-tune their array of tactics that result in millions of computers becoming infected with Trojans and other malware," said Christopher Young, senior vice president at RSA. "These online criminals are adept at social engineering with at-the-ready phishing attacks that are launched within moments of breaking news about popular celebrities, professional athletes or serious global events. In these cases, people are lured to legitimate websites infected with malware as well as complete fakes designed to look like well-known news sources. Within these websites, Trojans can easily be masked as 'required' updates to a media player which can result in countless computers becoming infected with malware. While it's difficult to prevent consumers from visiting these websites, we can do a better job of protecting those who do."

Consumers more aware of phishing threats, but new attack methods dupe six times as many in just two years

In a similar RSA survey in 2007, one in three (38 percent) consumers reported they were aware of the threat of a phishing attack -- and this figure doubled in two years where three in four (76 percent) consumers have become aware. Additionally, in RSA's 2010 survey, nine in ten consumers (89 percent) reported concerns caused by the threat of phishing.

Despite increased awareness, there have been a growing number of online users that have fallen victim to a phishing attack. In the 2007 RSA survey, only one in 20 (5 percent) consumers cited they had fallen victim to a phishing scam -- and this rate increased six-times in 2009 to represent three in 10 (29 percent) consumers. This increase can be attributed to more advanced communications tactics and greater sophistication such as improved writing and web design skills on the part of the fraudsters. Phishing attacks have also evolved in an attempt to exploit users in different ways and through a broader variety of methods including offshoots known as "vishing", "smishing" and "spear phishing."

The sheer volume of phishing attacks launched in recent months is also contributing to these trends. The RSA Anti-Fraud Command Center recently reported the highest-yet detected rates of phishing attacks between August and October 2009, as well as a 17 percent increase in the total number of attacks between 2008 and 2009.

An increase in consumer knowledge of online threats is further evident from the growth in the number of respondents that expressed awareness of Trojans. In 2007, 63 percent of consumers stated that they were aware of Trojans and in 2009 that figure climbed to 81 percent.

Consumers' safety concerns translate to significant eagerness for better identity protection

Online banking continues to provide significant levels of convenience for consumers, with quick access to checking and savings accounts, the ability to pay bills automatically, transfer funds and perform other financial transactions. There is dramatic adoption of the use of social networks in which people use to form and nurture personal and professional relationships with each other. Finally, healthcare organizations as well as local, state and federal government agencies are bringing the power and convenience of online services to the consumer -- offering access to personal healthcare records, driver's license renewals and payment of tax bills.

The RSA survey revealed that consumers using online banking (86 percent) websites shared more concern with the theft of their personal information than those using healthcare portals (64 percent) and government websites (68 percent). As a result of these concerns, more than half of all consumers reported that they are less likely to share information and interact on these Web sites.

Consumers agreed that their identities should be better protected than a simple username and password on social networking (59 percent), healthcare (64 percent), government (70 percent) and online banking (80 percent) websites. Nine in 10 consumers are willing to use a stronger form of security if offered.

"Consumer education and awareness is one of the first lines of defense in the ongoing battle against online crime,” Young said. “Organizations will continue to take advantage of the many benefits offered by the Internet and consumers will seek the convenience offered online -- all despite the inherent risks. In order to maximize the full value of what the online world can offer, organizations need to take a layered approach to Internet security in order to best protect their customers' information."

Featured

  • Video Surveillance Trends to Watch

    With more organizations adding newer capabilities to their surveillance systems, it’s always important to remember the “basics” of system configuration and deployment, as well as the topline benefits of continually emerging technologies like AI and the cloud. Read Now

  • New Report Reveals Top Trends Transforming Access Controller Technology

    Mercury Security, a provider in access control hardware and open platform solutions, has published its Trends in Access Controllers Report, based on a survey of over 450 security professionals across North America and Europe. The findings highlight the controller’s vital role in a physical access control system (PACS), where the device not only enforces access policies but also connects with readers to verify user credentials—ranging from ID badges to biometrics and mobile identities. With 72% of respondents identifying the controller as a critical or important factor in PACS design, the report underscores how the choice of controller platform has become a strategic decision for today’s security leaders. Read Now

  • Overwhelming Majority of CISOs Anticipate Surge in Cyber Attacks Over the Next Three Years

    An overwhelming 98% of chief information security officers (CISOs) expect a surge in cyber attacks over the next three years as organizations face an increasingly complex and artificial intelligence (AI)-driven digital threat landscape. This is according to new research conducted among 300 CISOs, chief information officers (CIOs), and senior IT professionals by CSC1, the leading provider of enterprise-class domain and domain name system (DNS) security. Read Now

  • ASIS International Introduces New ANSI-Approved Investigations Standard

    • Guard Services
  • Cloud Security Alliance Brings AI-Assisted Auditing to Cloud Computing

    The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud computing environment, today introduced an innovative addition to its suite of Security, Trust, Assurance and Risk (STAR) Registry assessments with the launch of Valid-AI-ted, an AI-powered, automated validation system. The new tool provides an automated quality check of assurance information of STAR Level 1 self-assessments using state-of-the-art LLM technology. Read Now

New Products

  • PE80 Series

    PE80 Series by SARGENT / ED4000/PED5000 Series by Corbin Russwin

    ASSA ABLOY, a global leader in access solutions, has announced the launch of two next generation exit devices from long-standing leaders in the premium exit device market: the PE80 Series by SARGENT and the PED4000/PED5000 Series by Corbin Russwin. These new exit devices boast industry-first features that are specifically designed to provide enhanced safety, security and convenience, setting new standards for exit solutions. The SARGENT PE80 and Corbin Russwin PED4000/PED5000 Series exit devices are engineered to meet the ever-evolving needs of modern buildings. Featuring the high strength, security and durability that ASSA ABLOY is known for, the new exit devices deliver several innovative, industry-first features in addition to elegant design finishes for every opening.

  • FEP GameChanger

    FEP GameChanger

    Paige Datacom Solutions Introduces Important and Innovative Cabling Products GameChanger Cable, a proven and patented solution that significantly exceeds the reach of traditional category cable will now have a FEP/FEP construction.

  • Unified VMS

    AxxonSoft introduces version 2.0 of the Axxon One VMS. The new release features integrations with various physical security systems, making Axxon One a unified VMS. Other enhancements include new AI video analytics and intelligent search functions, hardened cybersecurity, usability and performance improvements, and expanded cloud capabilities