According to new research, 43% of us aren’t concerned about having our identity stolen online. Perhaps it’s about time we got more worried about it. A new social experiment video reveals just how susceptible to online fraud we actually are.
Steve Keywood is the average smart internet user. He’s comfortable with shopping online and finding deals, he has his own site, and he’s a popular social networker. But when he volunteered himself to spend five days in full public view with nothing but a laptop and a credit card for company, little did he suspect that he would be exposing his personal details just as readily in the process.
This is the point when the security savvy amongst us turn infuriatingly smug and self-admiring. But even through something as trivial as forgetting to log out of websites, which 62% of us do regularly, Steve had put himself at risk. At the end of the experiment, he was informed that a hacker was able to access all of his personal information and passwords.
Experian CreditExpert believes that almost 20 million pieces of personal information were traded illegally by scammers in the first half of this year. Unsurprisingly, credit card fraud is on the rise as well. Over the same six-month period, total losses on credit cards due to fraud rose by 9% to £185 million on the previous year, the UK Card Association has shown.
And in part, these gains are being made because of basic errors that millions of us make every day. Research commissioned by Experian revealed the following:
- 62% of us people don’t always log out of websites;
- 26% of us never look for the padlock symbol;
- 15% sometimes open emails not realising they are spam;
- 26% tick websites’ terms and conditions boxes without having read them first.
Fraudsters are now targeting lucrative online opportunities where they suspect targets will be more vulnerable. The number of phishing websites has trebled to well over 110,000 in 2012, with many of these now designed to look perfectly credible to the untrained eye. And it’s hardly any wonder that these succeed when over a quarter of us fail to identify the safety symbols that help to protect our details online.
Details within easy reach? Steve’s personal details and passwords are all uncovered by a hacker.
So, what measures can we take to protect ourselves online?
- Never disclose your credit card PIN to anyone claiming to be your bank or the emergency services. It is unlikely that you will ever be contacted directly for this information.
- Ensure that you have up-to-date antivirus software and the latest updates and patches for your operating system.
- Log-out from websites after use (thanks Steve!)
- Avoid suspicious and unsolicited emails, and do not attempt to unsubscribe from such mailing lists. This will alert the mailer that your account is active and that you are opening messages sent to you.
- Read terms and conditions. These are normally written by professional copywriters; any abnormalities here could help you to identify a rogue site.
- Check regularly for unusual transactions on your statements. Let your bank or card provider know as soon as possible if you spot any irregularities.
- Vary your passwords and change them regularly (thanks again, Steve!)
- Enter details only onto a secure websites. Check for a locked padlock or unbroken key symbol in your browser. This will normally be accompanied by HTTP Secure, which provides some additional protection against intrusions.
Credit cards, I’m sure we can agree, are costly enough. Take all the protective measures you can so that they don’t end up costing more.
The transcript for the video continues below.
[Scroll]: Elizabeth St, South West London. 24th September 2012. Steve Keywood is confined to a 3m x 2m box with only the internet for helpâ€¦
Hi. I’m Steve, and for the next five days, I’m living my life in a box.
[Searching]: Rocket and parmesan. Orders over fifteen quid get delivered for free. So, let’s get to the checkout.
[Receives delivery]: Look at that! Do you reckon there’s any cutlery?
[Online Security Expert]: It’s becoming easier and easier task to hack into or extract somebody’s details by the day. Ten years ago, it took a lot of technical knowledge and competence to carry out these kind of attacks, but as the underground community has evolved, so too has the tools and techniques used by hackers. These applications and mechanisms have become much more readily available and easier to use, which means even a 10 year old can now compromise somebody’s accounts through free tools and services available.
Hey Guys! Steve here from ‘Life in a Box’. Day one complete, and what a day it was. I’ve got to be honest with you – it’s harder than I thought. Not really ended up with what I wanted. I wanted a sofa on the first day so I could sit down a bit more comfortably. I did manage to get a couple of cushions, which is a good result, and I’ve found a place that delivers stuff within 90 minutes, so that’s quite handy too. Sofa’s coming tomorrow at midday. I just managed to source that in the last hour with some help from some people on Twitter. I’ve also got an Ocado delivery first thing too.
[Breaks to interact with passers-by taking pictures]. People have been walking past. People taking pictures. Everyone’s saying hello and smiling and all good stuff like that. So, brilliant day.
Success of the day: building a network on Twitter. You guys have been amazing. Facebook’s cool too. Got some wicked new challenges. I’ve got to start a band and I’ve got to get a celebrity autograph, so keep your eyes peeled for that.
I’m not overly conscious of logging out of sites to protect my details. I would do if it was someone else’s computer; not so much if it was mine.
[Online Security Expert]: Online security can be really simple. Individuals just need to stay current with their a.v. [anti-virus] updates; they need to stay up-to-date with operating system patches; and they need to ensure that the little padlock is protecting their information when they’re online – this means any data that a user wouldn’t want someone else seeing, such as credit cards, passwords, or personal identifiable information.
At the same time, they should also think about signing up to services that proactively monitor and protect against the distribution or compromise of any of their data. These services are designed to monitor the areas of the internet that normal individuals cannot access and allow for users to be kept informed of all possible data loss.
[Steve concludes]: I’m far more aware of the basic errors involved in online security. During this experience, I’ve only used one password but from now on I’ll vary my passwords and change them regularly.