Symantec: Hacking victims blame themselves

Just under two-thirds of all Internet users have been hit by some sort of cybercrime, and while most of them are angry about it, a surprisingly large percentage feel guilt too, according to a survey commissioned by Symantec.

In a cybercrime survey of just over 7,000 Internet users in 14 countries, researchers found that 65 percent of Internet users worldwide have already been victims. In the U.S., it’s 73 percent, but things are worse in China (83 percent), Brazil (76 percent) and India (also 76 percent).

Those results stood out to Norton Internet Safety Advocate Marian Merritt, who tracks this type of data for a living. “What we were really surprised by was, first of all, how common it was that people are being victimized by cybercrime,” she said.

Another surprise: how victims react to being hacked. “People do fee angry, but we also found that people feel pretty guilty,” she said. “54 percent said they should have been more careful, when they responded to online scams.”

A slightly higher percentage — 58 percent — said they felt angry.

When it came to identity theft victims, 12 percent said that the incident was entirely their fault, Symantec found.

Many people are in a pretty muddled state when it comes to dealing with the threat of online crime, however. They know that cybercrime is common, but they’re unsure what to do to really prevent it, Merritt said.

“People are recognizing that they did something wrong in a variety of different ways, but they’re not — to a great extent — changing their behavior,” Merritt said. “There’s such a lack of awareness and knowledge about who’s doing that cybercrime that people really don’t know what to do.”

Of course, Symantec, an antivirus software vendor, thinks that keeping security software up to date is important, but security experts say that many of the latest threats are often undetected by antivirus products.

There are a lot of other things Internet users can do to keep safe, however. Users also need to be careful where they’re going on the Web, double check the attachments they open, and be wary of any out-of-character messages sent from friends via Twitter, Web mail, or social networks.

And they also should do a better job of reporting cyber attacks to authorities, Merritt said. They can report cases to the U.S. Federal Bureau of Investigation’s Internet Crime Complaint Center Web site, but also to local authorities. Reporting scams to local high tech crime units really can give law enforcement a better understanding of what the scammers are up to, Merritt said. “If multiple people are reporting the same crime, it will get referred,” she said. “They’re going to start noticing trends when they have the information available.”

Robert McMillan covers computer security and general technology breaking news for The IDG News Service. Follow Robert on Twitter at @bobmcmillan. Robert’s e-mail address is robert_mcmillan@idg.com