Security vendor Norton by Symantec recently conducted a global survey across 21 countries, including Australia, and found that Australians continue to have a very lax attitude towards online security.
The most surprising result is that those who have suffered from a cyberattack in the past, continue to engage in unsafe online practices.
Norton found that 76% of Australians know they need to protect their information online but most are still engaging in risky behaviour. One in four respondents can’t tell the difference between a real email and a phishing scam, which makes them more likely to click on a malicious link, both at home and in the workplace.
The really troubling thing to come out of this report is that people know the dangers online, but still continue to act like it won’t happen to them. That is despite the fact that Australia is an extremely popular country for Ransomware and cases of Ransomware attacks continue to grow.
Mark Shaw, Technology Strategist at Symantec, warned that personal internet habits have the ability to compromise the security of a business.
"For example, phishing scams which have been around for over two decades, have become so sophisticated that Australians still have a hard time identifying fake emails from legitimate emails. According to the research, one in four in Australians cannot detect a phishing attack, and another 15 percent of Australians have to guess between a real message and a phishing email. If phishing emails come through on company connected devices, then clearly this behaviour can put businesses at risk too. "The reality is most people aren’t truly sure how to tell a real email from a fake email. Only half are doing it the right way by looking to see if the email is asking them to take a compromising action, like downloading attachments or sharing their passwords."
Earlier this year a study by Duo Security found that one-third of Australian employees are falling for phishing attacks, putting their companies at massive risk. Only last week, a report claimed that the average cyberattack on an Australian is over $622,000.
These increased risks to Australian businesses highlight the need to have a complete Disaster Recovery Plan in place to make sure your business is operational again quickly if disaster strikes.