Despite losing $1.2 billion to cybercrime in the past year, many Australians still think they have the adequate know-how when it comes to protecting themselves online and believe they are well-prepared should they ever become a victim of online crime, according to research by security vendor Norton. We also look at an online fraud report from credit reporting agency Veda.
In a survey of more than 17,000 consumers in 17 countries, a thousand of which were in Australia, Norton found that Australians lost an average of 14 hours and $325 per person dealing with the impact of cybercrime. Credit card fraud and online extortion were the most common ways criminals squeeze money out of consumers so it's no surprise Australia comes in at eighth place for countries that are most affected by ransomware.
According to Norton, the average amount that Australians pay during a ransomware attack is $420 to $720 and there's no guarantee they will get access to their PC or files back. It's not just individuals who are being targeted. A growing number of small businesses have been struck by ransomware as well and many of them do end up paying the ransom.
Around four million Australians were a victim of online crime in in the past year.
Identity theft is another popular way online criminals are swindling money from consumers. In a report by Veda which surveyed 1000 Australians, a quarter of them said they have suffered identity theft in the last 12 months, a year-on-year increase of seven per cent. Half of credit application fraud is now occurring online which is a whopping 33 per cent jump from last year.
While awareness is high for cybercrime thanks to some high profile security breaches in recent years, Australian consumers are showing some hubris when it comes to their ability to protect themselves online. In the Norton survey, many respondents rated themselves highly in certain security practices but most of them failed to protect their passwords, the most basic element of online security.
Less than half (47 per cent) always use a secure password, which consists of a combination of at least eight letters, numbers and symbols. Around 27 per cent shared banking account passwords with family or friends mostly through email (55 per cent) and social media (38 per cent).
Approximately 40 per cent of respondents think they know exactly what to do if they are hit by cybercrime although only 16 per cent felt like they had complete control over their online security, and with good reason. Yes, consumers are becoming savvier with online security but criminals are upping their game.
Take credit applications for example. Credit provider have toughened up rules and implemented technology to combat criminals using false identities for applications. This has sparked a surge in identity takeovers where criminals completely assume the identity of an unsuspecting victim — and sometimes even whole companies — to apply for credit.
This type of fraud has grown by 59 per cent in the past two years. Recent data breaches of dating sites, retail and government databases has given criminals access to a wealth of personal information that they can use for this purpose, according to Veda. The Office of the Australian Information Commissioner noted that the 2014 to 2015 period saw the highest ever number of notified data breaches in Australia.
So what can Australians do about this the growing issue of cybercrime? Here are some tips from Norton for consumers. These tips are also applicable for organisations that want to educate their employees on how to protect themselves from cyberattacks which can compromise of corporate networks:
- Choose a unique, smart, secure password for each account you have online.
- Delete emails from senders you don’t know, and don’t click on attachments or links on suspicious looking emails.
- On social media sites if an offer sounds too good to be true, it just might be. Beware of the pitfalls of clicking on links from social media sites. Before clicking, hover the mouse over the link to see its destination. Only click on links that lead to reputable, official company pages.
- Always monitor your financial accounts for unusual activity. If there is a charge that you didn’t make, report it immediately. Often cybercriminals will charge a small "test" amount before attempting to drain your bank account.
- Don’t put off installing security software […] and updating it regularly.
- Use a secure backup solution to protect files and backup regularly so criminals can’t hold them for ransom.
- Report cybercrime to ACORN and seek support from IDCare, if you have been affected by identity theft.
Have you or your company been a victim of cybercrime? Let us know in the comments.