Despite security awareness campaigns, many users still give away sensitive information

Dark Reading Staff, Dark Reading

April 26, 2012

2 Min Read

End users are worried about their online privacy, but they still don't always know how to protect it, according to a study published this week.

According to the study of U.K. Web users' attitudes on online security (PDF), which was conducted by One Poll and sponsored by security company Faronics, many end users would still share confidential information with people they didn’t know.

Almost a third (32 percent) stated they would send a password, bank account number, or their mother’s maiden name via email or a social networking website.

Respondents were particularly trusting of LinkedIn, with 33 percent of site users admitting they have accepted connection requests from people they do not know. This compares to just 15 percent of Facebook users. Likewise, while 46 percent of Facebook users have customized their privacy settings, just 20 percent of those on LinkedIn have controlled who can view the information on their profiles.

Many people still do not believe they are a target for cybercriminals, according to the study. More than half (51 percent) said they are not at risk of cyberfraud, and 28 percent believe there is no value in the information posted on their social networking pages. Thirteen percent would be happy to send a password to complete strangers online if the request looked genuine. Only 21 percent have heard of spear-phishing.

"While the risk of identity theft and other cyberthreats is relatively well known, many users still seem to be in complete denial that it could happen to them," said Bimal Parmar, vice president of marketing at Faronics.

Sixty percent of all respondents stated they would be willing to open an unsolicited email attachment if it looked relevant, interesting, or appeared to be in response to an action they had taken. Just 24 percent of U.K. organizations say they have specific policies, training, and/or safe computing measures in place to prevent an employee from falling victim to spear-phishing and other email scams.

A fifth of survey respondents still believe that a good PC security package will solely protect them from fraud.

Have a comment on this story? Please click "Add a Comment" below. If you'd like to contact Dark Reading's editors directly, send us a message.

About the Author(s)

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights