Consumers continue to be concerned about the safety of personal information on the Internet.
A poll of more than 4,500 consumers by RSA, The Security Division of EMC, finds two in three people are reluctant to share on social networks and three in ten fall prey to phishing attacks -- a six-fold increase in just two years. The survey also found a desire among consumers for better identity protection.
The survey also found that consumer awareness of phishing attacks has doubled between 2007 and 2009, while the number of consumers who reported falling prey to these attacks increased six times during that same period of time.
And while hundreds of thousands of people join social networking websites each day, the survey found that nearly 65 percent of people who belong to these online communities are less likely to interact or share information because of their growing security concerns.
Melanie of Blaxland, Australia, tells ConsumerAffairs.com that someone has managed to gain access to her Profile on MySpace. "This person has been stalking me over the Internet for about 6 weeks now. I cannot access my MySpace account which the password and email address was changed to prevent this. The profile is set to private, and from what I can see, it has turned to a smutty profile, with content that could be damaging and offensive, especially to friends and family."
Wallace of Riverside, CA, says he left his computer on and e-mail open. "Someone somehow started or did something that now shows I have a Facebook account," he tells ConsumerAffairs.com. "I do not want the account and can't get any response from Facebook or Yahoo. The phone numbers provided online loop over and over."
Social networking websites have become a breeding ground for online criminals because of their global reach and the participation by hundreds of millions of active users from all walks of life. This makes these communities prime targets for exploitation by criminals trying to steal personal information through socially engineered attacks. Thus, four out of five people using social networking websites expressed to the pollsters their concern about the safety of their personal information online.
"Fraudsters continue to fine-tune their array of tactics that result in millions of computers becoming infected with Trojans and other malware," said Christopher Young, senior vice president at RSA. "These online criminals are adept at social engineering with at-the-ready phishing attacks that are launched within moments of breaking news about popular celebrities, professional athletes or serious global events. In these cases, people are lured to legitimate websites infected with malware as well as complete fakes designed to look like well-known news sources."
Within these websites, Trojans can easily be masked as 'required' updates to a media player, which can result in countless computers becoming infected with malware.
Despite increased awareness, there have been a growing number of online users that have fallen victim to a phishing attack. In the 2007 RSA survey, only 5 percent of consumers said they had fallen victim to a phishing scam. This rate increased six-times in 2009 to represent three in ten consumers.
Security experts attribute the increase to more advanced communications tactics and greater sophistication such as improved writing and web design skills on the part of the fraudsters. Phishing attacks have also evolved in an attempt to exploit users in different ways and through a broader variety of methods including offshoots known as "vishing", "smishing" and "spear phishing."
The sheer volume of phishing attacks launched in recent months is also contributing to these trends. The RSA Anti-Fraud Command Center recently reported the highest-yet detected rates of phishing attacks between August and October 2009, as well as a 17 percent increase in the total number of attacks between 2008 and 2009.
An increase in consumer knowledge of online threats is further evident from the growth in the number of respondents that expressed awareness of Trojans. In 2007, 63 percent of consumers stated that they were aware of Trojans and in 2009 that figure climbed to 81 percent.
"Consumer education and awareness is one of the first lines of defense in the ongoing battle against online crime," said Young. "Organizations will continue to take advantage of the many benefits offered by the Internet and consumers will seek the convenience offered online -- all despite the inherent risks. In order to maximize the full value of what the online world can offer, organizations need to take a layered approach to Internet security in order to best protect their customers' information."