Most users still complacent on security despite work-related mobile usage

Just 1 in 3 Internet users has implemented strong privacy settings despite nearly half having encountered malware and 48 percent experiencing a financial threat in the last 12 months, according to a new survey of consumer behaviour that suggests most users still have a long way to go in securing their online activities.

Fully 13 percent of 12,355 respondents from 26 countries who participated in Kaspersky Labs' Consumer Security Risks 2015 survey, conducted by B2B International – including 402 from Australia – said they don't take any precautions at all to protect their privacy and 14 percent said they had lost a mobile device or had it stolen. In such cases, 15 percent of the data lost was never recovered – and of those recovered, the median cost of recovery was $US682 ($A950).

The figures reflect the growing dependence on mobile devices, with 23 percent saying their online access was mainly through a mobile device and ready access to mobile Internet driving a median of 18 hours' Internet usage per week; some 26 percent said they spend over 4 hours per day online.

Much of that activity related to financial or sensitive information, with 63 percent of tablet and 58 percent of smartphone users saying they worked while mobile; online shopping (48 percent and 41 percent), online banking (42 percent and 44 percent), using online payment systems or digital wallets (28 percent and 27 percent), and online data storage (33 percent and 27 percent) were all popular applications that involved sensitive information.

The survey also found that users are quite happy to use communications services they don't feel are secure, with 70 percent saying photo-messaging apps like Snapchat are insecure, 62 percent saying the same about instant-messaging applications, and just 52 percent believing SMS/MMS messages are not secure.

Similarly, even though they regularly store sensitive information on their portable devices – 37 percent store files for work use, 25 percent stored “sensitive information I would not want others to see” and 23 percent stored banking details – some 37 percent of smartphone users were happy to use free public Wi-Fi services despite their being a well-known security concern.

Fully 13 percent said they used free Wi-Fi services to log onto websites and accounts, while 8 percent used the access points to shop or bank online. Just 26 percent said they would limit their activities when using public Wi-Fi services in order to reduce their security exposure.

The findings were worrying for Kaspersky Lab ANZ managing director Andrew Momonitis, who noted in a statement that “when we’re offline we’re always on guard, but when it comes to the Internet the self-preservation instinct often fails us.

“And, of course,” he continued, “today everything has a digital format: our personal life, intellectual property and money. All this requires that we adopt the same kind of responsibility as in real life, as the cost of making a mistake online can be just as high.”

Read more: The week in security: Aussies atop victim rankings, malware authors down tools

The survey also revealed that users' ability to avoid differentiate legitimate and phishing Web sites was limited: only 24 percent of respondents could identify genuine Web pages without also selecting a phishing page, while 58 percent chose only phishing sites and did not select any legitimate sites.

One in 10 users was prepared to open an attached file without checking it and 19 percent said they would disable a security solution if it tried to prevent the installation of a program they wanted to install.

User apathy over security has been a common theme in recent surveys, with a recent Galaxy Research study finding poor password hygiene amongst Australian users, poor control over BYOD mobile devices by businesses, and a lack of security and app-development expertise amongst mobile developers who are struggling to add adequate security protections to their mobile apps.

Blast from the past?

Try our new Space Invaders inspired video game NOW.

What score can you get ?

Join the CSO newsletter!

Error: Please check your email address.

Tags securityGalaxy Researchmobile usageB2B InternationalmalwareprivacyCSO Australiakaspersky labsAndrew Momonitis

More about GalaxyKaspersky

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by David Braue

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place