Consumers Have a False Sense of Confidence Around Personal Security

istock 1273477165

Most Americans say they are concerned about their cybersecurity – but their actual knowledge of how to protect themselves does not match that level of worry.

Sophos’ State of Consumer Home Cybersecurity 2021 report, an independent survey of 2,500 consumers across the US, finds many consumers are uninformed about threats like ransomware, as well as how to protect themselves and their households. The research also finds that consumers have inaccurately high perceptions of their cybersecurity knowledge, and a false sense of security.

The report finds more than 9 in 10 consumers (91%) worry about online security threats affecting their household – and 61% say they believe someone in their household could be the target of an attack anytime in the next 12 months.

“I think the awareness is there – more than ever,” says Chester Wisniewski, principal research scientist at Sophos. “Almost every American has probably been caught in some breach by now. But what people need to understand now is more ephemeral.”

While credit card fraud is what many people worry about, it is actually a fairly easy issue to resolve since most credit card issuers will not hold the consumer responsible for fraudulent charges, says Wisniewski. But the much bigger issue is sensitive information that, once stolen, can be used to steal a person’s identity and destroy their credit.

“Mother’s maiden name, social security numbers, birthdate. Those are the bigger concerns,” he notes.

Concerns of all kinds have grown as a result of COVID-19, according to the research. Nearly half (45%) of consumers believe they’re at a greater risk now of facing a cyberattack than they were 12 months ago.

Ransomware Hits Home

A major plague on business today is ransomware – and it is also targeting consumers. But the report finds when it comes to ransomware, 60% of consumers believe they know what it is – but only 49% could actually identify it correctly. This could indicate that a lack of cybersecurity knowledge leads many consumers into falsely interpreting their “ransomware” experience as a real ransomware attack.

Wisniewski says to best way consumers can protect themselves against ransomware is to run enterprise-grade protection software and keep it up to date.  

“Most people should understand that a criminal will try to get you to do something, whether it is download something or click on something,” he notes. “The software will ask: ‘Do you want to proceed?’ If the technology is telling us no, we shouldn’t jump through hoops to get around it. Heed these warnings.”

Unfortunately, the report finds compliance with this kind of security hygiene falls short: 36% of consumers don’t regularly update or patch their operating system or applications. It also reveals 24% don’t have or use a password manager, and 20% never backup data to the cloud.

The full report findings are available here


Copyright © 2021 IDG Communications, Inc.