Australian public not aware of new online attack vectors: Norton

Consumer awareness of bad emails and dodgy attachments is high in Australia but the bad news is these are the old attack methods from five years ago, according to the latest Norton Cybercrime report.

Speaking at the media launch of the report in Sydney, Norton Asia-Pacific and Japan vice president, David Freer, told press that Australians are using basic protection such as anti-virus software and deleting suspicious emails but are not aware of the new attack vectors delivered via Web compromises such as social networking site links designed to harvest personal information.

The global report surveyed 13,018 adults aged 18 to 64. Five hundred Australians took part in the survey.

[ With the increasing threat of cyber crimes, protect yourself and stay informed on the latest news with Computerworld's Security newsletter ]

Read: Don't be afraid to report online, door-to-door scams

"Unfortunately your basic anti-virus software is not enough to protect you in that area," he said. When asked what the vendor was doing to educate punters about the new threats, Freer said the vendor takes a couple of different approaches.

"The first is awareness through the media and also through software innovations such as Norton's Facebook Scanner which alerts customers to bad links on social networking sites."

According to Freer, the vendor was providing more of these tools for free to "make certain that people will use them".

However, security awareness was not the only area that needed improvement. For example, 25 per cent of Australians surveyed did not think they were at risk online.

According to Freer, many young people think they are anonymous online and openly flaunt what they are doing on social networking sites without using privacy settings.

This was despite the survey finding that 12 per cent of Australian social network users reported someone had hacked into their profile and pretended to be them while one in 10 social network users indicated they had fallen victim to a scam or fake link on social network platforms.

While 80 per cent of Australians surveyed believe that cybercriminals were setting their sights on social networks, only 49 per cent use a security product which protects them from social network threats while 55 per cent use the privacy settings to control what information they share, and with whom.

According to the report, 22 per cent of Australian mobile users surveyed received a text message from someone they didn't know requesting that they click on an embedded link or dial an unknown number to retrieve a 'voicemail'.

In addition, 20 per cent of Australians surveyed did not understand the risks of cyber crime and what could happen if a criminal got hold of their email account.

"What we have discovered is the most risky area and most valued by cyber criminals is your personal email account and its password," Freer said.

"This email has a higher value in the underground economy than buying a credit card number. That's because this is the account you can reset every password to," he said.

For example, 27 per cent of Australian adults reported to have been notified to change their password for a compromised email account.

"What was most surprising was that well over four in 10 Australians are putting Word documents on their personal email and sending them back and forth," he said.

"The work environment brings a certain level of security but when it's using a personal device and accessing the work email that's a fairly risky thing to do."

In addition, he said 22 per cent of Australians surveyed were accessing copies of bank statements, which contain personal details, using their personal email. Another concern was that 17 per cent of consumers surveyed sent passwords back and forth using email.

"One area that can be fixed but where consumers are falling down is password usage. The number of people who use the same password year after year on all of their accounts is phenomenal," Freer said.

Copyright © 2012 IDG Communications, Inc.

7 hot cybersecurity trends (and 2 going cold)