Sophos Survey Reveals Consumers Are More Worried About Cybercrime Than Physical World Crime, Yet Awareness Of Phishing Scams And Ransomware Remains Low

Sophos Press Release
  • Nearly half of all those surveyed are not familiar with email phishing scams or perceive them as a low threat, even though phishing is the “gateway” to malicious online activity 
  • More than 30 percent of those surveyed are not familiar with ransomware or perceive it as a low threat, despite being the most notorious and debilitating cyber threat right now
  • Lack of security awareness puts others at risk, too; 55 percent of those surveyed said they advise someone else on keeping their computer protected from malware and hackers
  • Thirty-two percent of those who rely on someone else to handle their cyber security are vulnerable to a data breach

OXFORD, UK – Dec. 14, 2016 – Sophos (LSE: SOPH), a global leader in network and endpoint security, today announced the findings of a recent survey that asked consumers about their awareness of phishing, ransomware, malware, spyware, hack attacks and other prevalent cyber threats. Significantly, the survey reveals that consumers are more worried about cybercrime than physical world crime.  

Of those surveyed, 63 percent worry about financial loss due to a computer breach, 61 percent are worried about hackers taking over their computer to send spam and malware campaigns to their contacts and other innocent people, and 58 percent are worried about hackers rendering their computer useless. By contrast, 46 percent worry about their car being stolen or broken into or about physical assault, 52 percent worry about their home being robbed, and 56 percent of those surveyed worry about terrorism. The survey polled 1,250 consumers in the US, UK, Germany, Austria and Switzerland.

“People understand how to protect their home or car - they feel they’ve got the physical world covered. Whereas cybercriminals are invisible and the virtual crime world is unpredictable and complicated, especially when it comes to cyber threats like phishing and ransomware,” said John Shaw, vice president, Enduser Security Group, Sophos. “Attacks today usually start from legitimate websites that have been hacked – unbeknownst to the people visiting them – or from phishing – sending fake emails designed to look real – to lure consumers into opening dodgy documents or clicking malicious URLs. Once unwitting users have clicked, ransomware executes in the background and then locks and holds hostage your personal files, photos and other valuable data until you pay the criminals money.”

Despite concern for cybercrime in general among those consumers surveyed, awareness of phishing and ransomware remains relatively low. Forty-seven percent, nearly half, are not familiar with phishing or perceive it as a low threat, which is a concern considering phishing is the number one attack method used to gain access to personal information. More than 30 percent of those surveyed rated themselves as being extremely unprotected, unsure of being protected or completely unaware of phishing attacks. Thirty-one percent of those surveyed said they are not familiar with ransomware or perceive it as a low threat.

“Those within cyber security circles know ransomware has become a lucrative billion dollar business for an army of cybercriminals who use toolkits developed by ‘super hackers.’ These toolkits put advanced exploit techniques at the fingertips of any criminally-minded person who is even vaguely computer literate to easily carry out cyberattacks,” said Shaw. “It’s time consumers learn about the tricks and trade of cybercriminals and how their threats are constantly evolving.”

Not surprisingly, traditional malware and spyware - cyber threats that have been with us for a long time - are perceived as the largest threats. Fifty-nine percent of all surveyed perceive malware as an extremely large threat and 54 percent perceive spyware as an extremely large threat.

“Consumers are the most vulnerable to ransomware, malware and spyware, because unlike at work, they don’t have an IT department looking over their shoulder and handling cyber security as part of a full time job,” said Shaw. “In many households, one person provides ‘defacto IT support’ in the home, as well as for family and friends outside of the home, but that person doesn’t always feel confident that they know what they should be doing or have the time to do it.”

Lack of awareness puts others at risk, too

Fifty-five percent of all surveyed by Sophos said they advise someone else (spouse, kids, friend, parents, extended family, grandchildren and other) on keeping their computer protected from malware and hackers. Of these, 14 percent are not confident that they’ve properly backed up and could recover data after a security breach from a computer they look after for someone else. Eighteen percent sat on the fence, neither unsure nor confident, leaving 32 percent of those who rely on someone else to handle their cyber security potentially vulnerable to a data breach.

“Backing up computers and installing advanced protection for home PCs and Macs are things we should all be doing, like adding a house or car alarm to the locks on your doors. We should also be much less trusting online. Be vigilant about emails - if you are not absolutely sure who sent it and why, check with them first, and if you’re skeptical, just hit delete,” said Shaw. “These are some top tips consumers and designated home IT providers should use as best practices to stay safe online.”

Additionally, 11 percent are not confident that the computer they monitor for someone else is protected from hackers and viruses, and 14 percent were neither unsure nor confident. This means 25 percent of home computers that are managed by someone else, as surveyed, are vulnerable to cybercrime, including phishing and ransomware.

“At home, anyone who is vaguely technically literate is often expected to protect multiple PCs and Macs for their extended family and friends,” said Shaw. “The Sophos survey data shows a need for remote, cloud-based cyber security, like Sophos Home, which lets people easily manage protection for multiple computers and multiple people from one single dashboard.”

Sophos Home is a free commercial-grade product that combines antivirus and URL blocking to protect home PCs and Macs from malware, viruses, ransomware and inappropriate websites. Users can manage security for up to 10 computers from any browser, including PCs and Macs in remote locations.  

Sophos surveyed 1,250 consumers 18 years or older in the US (500), UK (500), Germany, Switzerland and Austria (250) during September 2016. ReRez Research, Dallas, Texas, an independent market research firm, conducted the study.

Survey information is available on the Sophos blog. Survey infographics, plus ransomware and phishing screen shots from SophosLabs, are available upon request.

ソフォスは、次世代エンドポイントおよびネットワークセキュリティのリーダー企業であり、連携型セキュリティのパイオニアとして、エンドポイント、ネットワーク、暗号化、Web、電子メール、モバイルセキュリティソリューションを連携させ、優れた効果を発揮させる革新的なポートフォリオを開発しています。ソフォスの製品は、脅威対策やデータ流出対策のベストソリューションとして認知されており、世界約150カ国で1億ユーザー以上のお客様に採用されています。ソフォスの製品は、26,000社以上の登録パートナー企業から構成されるグローバルチャネルからのみ提供されます。ソフォスの本社は英国オックスフォードにあり、ロンドン証券取引所に上場しています(LSE: SOPH)。詳細については、www.sophos.comをご覧ください。