Millions of UK adults have been victimized by digital scammers in the past, yet a quarter have no security controls to protect their online activity, according to F-Secure.
The Finnish security vendor polled 1000 Brits as part of a global Living Secure study into cybersecurity awareness and behavior.
It found that 19%, roughly 12.6 million Brits, had been tricked by online fraud such as a phishing attack in the past. The impact of these incidents ranged from identity theft to data and password loss and even the theft of life savings, according to F-Secure.
Yet a significant minority still do not protect themselves online, even though they spend an average of eight hours each day using the internet, according to the report. One reason may be that many feel intimidated by the prospect: 60% of respondents said they find cybersecurity too complex.
The report also highlighted a contradiction in respondents’ attitudes and awareness. While over three-quarters (77%) claimed they could spot a scam, around two-thirds said they worry about personal safety online, and that of their families, while half (48%) said they have no idea if their devices are secure or not.
“Our research has highlighted a clear disconnect between what we do online and how vulnerable we feel online, versus the concrete actions we take to reduce that vulnerability,” argued F-Secure CEO, Timo Laaksonen.
“Despite many Britons often feeling unsafe online they still aren’t putting adequate security measures in place. In the physical world you wouldn’t willingly give out passwords and personal data to strangers, so why go online and do it, and risk being a target for online criminals?”
Phishing was the number one cybercrime type by volume of cases reported in 2021, with identity theft, romance fraud, tech support scams and investment fraud also ranking in the top 10, according to the FBI.
The same report found that investment and romance fraud made cyber-criminals a combined $2.4bn that year.
The findings of the F-Secure report would also seem to signal risk for businesses, if employees display the same low levels of security awareness in the corporate sphere as they do at home.