RealTime IT News

Consumers Whistling Past the Security Graveyard

Less than 20 percent of American home computers are adequately protected against viruses, spyware, hackers and other security threats. Nevertheless, an overwhelming majority of users believe they are safe from an attack.

The troubling findings underscore the second annual AOL/National Cyber Security Alliance (NCSA) Online Safety Study released Wednesday afternoon.

The study shows more than half (56 percent) of the participants either had no antivirus protection or had not updated it within the last week, almost half (44 percent)) did not have a properly configured firewall and nearly four in 10 (38 percent) lacked spyware protection.

The study also shows that unprotected consumers are making themselves prime targets for online scams: three-quarters (74 percent) of respondents use their computers for sensitive transactions such as banking, stock trading or reviewing personal medical information.

In addition, more than two-thirds (68 percent) keep sensitive information on their home computers such as personal correspondence, resumes or professional records or health or financial information.

"There is a major perception gap: Even though most consumers think they are protected, this study shows the opposite," Ron Teixeira, the NCSA's executive director, said in a statement. "Far too many people still lack the three fundamental protections they need to stay safe online -- current anti-virus software, spyware protection and a secure firewall."

The AOL/NCSA study is the largest study of its kind, sending technical experts into hundreds of typical homes to examine PCs for known security risks and threats.

One of the key consumer misperceptions, according to the study, involves phishing attacks, with scam e-mails aimed at identity theft hitting one in four U.S. computers every month. The study shows more than two-thirds of consumers (72 percent) thought the phishing e-mails were from legitimate companies.

Despite the fact that nearly one in five respondents (18 percent) taking part in the study said a friend or family member had already fallen victim to an online identity theft scam, the survey revealed that only 42 percent were familiar with the term phishing, and of those, just 57 percent could accurately define it.

"Phishers are getting better at tricking consumers into revealing their bank account and financial information, and most Americans can't tell the difference between real e-mails and the growing flood of scams that lead to fraud and identity theft," said Tatiana Platt, SVP and chief trust officer for AOL.

Homes with wireless networks were also woefully protected.

The study reveals that more than 25 percent of homes have a wireless network, but nearly half of those users fail to encrypt their connection.

Not all of the study's news was bad, with the percentage of home users with properly configured firewalls jumping from 28 to 56 percent. The researchers gave Microsoft credit for the increase in firewall protection as the company rolled out its Windows XP SP2 update with a default-on firewall.

"Although we have made some strides in helping consumers protect themselves, the threats are growing broader and more dangerous, so the risk of failure can be that much more catastrophic," said Platt. "You can't lock just a few of the windows in your house and expect to stay safe from thieves."