Thursday, December 23, 2010

Norton Reveals “Over-Sharing” of Holiday Cheer Puts Consumers at Risk

Careless practices while shopping online and sharing whereabouts via mobile can pose
real world threat to finances, says money expert Jean Chatzky

DUBAI, UNITED ARAB EMIRATES – Dec. 23rd, 2010 – As last-minute shoppers hit the Internet in
force a new study commissioned by Norton not only shows that the holiday season elevates the amount of
transactions people conduct online, but many consumers are not taking even the simplest steps to protect
themselves – and their finances – from the bite of cybercrime. The study also revealed that more than half of
people under the age of 35 are dangerously updating their social networking status with real-time references to
their whereabouts– whether it be at a holiday party or shopping for Christmas gifts at the mall.

While the “Connected but Careless” study, sponsored by Norton and conducted by Javelin Strategy &
Research, surveyed more than 1,000 Internet users in the U.S, the survey revealed that despite repeated
warnings about Internet threats, consumers around the world are still somewhat cavalier and under-informed
when it comes to Internet security, specifically in three areas: location-based services, mobile phone
transactions, and online passwords.

During the holiday period, nearly half of the consumer respondents (47%) said they expected their online
purchases to increase, with 14 percent saying that their transaction level would double or more than double.
Another third of the respondents between the ages of 18-34 (31%) said they expected their social networking
activity to increase over the holidays.

“We’re seeing huge gains in people shopping and banking online, especially around the holidays,” said
personal finance expert Jean Chatzky, who collaborated with Norton on the development and analysis of the
study. “The survey shows that people are still unaware of how their online activity can pose a ‘real world’
threat to their finances. It's like an invitation to cybercriminals.”

Tamim Taufiq, Head of Consumer Sales, MENA for Symantec added, “E-commerce is growing in popularity
here in the UAE with portals such as, operating in Saudi Arabia, Egypt and Jordan as well as
headquarters in the UAE that are catering to a considerable 1.5 million users every month, Thus as the online
retail market matures in the region, it is first and foremost in the mind when engineering Norton consumer
security solutions that this kind of growth must come hand in hand with education of the ever expanding
cybercriminal network as more and more home users turn to the Internet for shopping services.”

Some of the risky Internet activity that the survey uncovered is highlighted below, along with the security
implications of such behaviors:

Inviting Cybercriminals to Crash Your Party

As people are heading to parties, going to visit family and friends around the region, or hitting the malls this
holiday season, “geo-location” (telling people where you are via your mobile phone or social network) is a
potentially risky activity, yet a scant 15 percent of people surveyed knew enough about geo-location to be able
to explain it. This suggests that mobile Internet users may be engaging unknowingly in risky online behavior.
Nearly one quarter of the respondents (22 %) who use their mobile or smartphones to connect to the Internet,
admitted to giving applications on those devices permission to identify their location. In addition, 56 percent of
people surveyed under the age of 35 said they update their social networking status with their location, which
can inadvertently broadcast to real-world criminals that they’re not at home.

“Giving away your location is a potential ‘gateway’ that people should be aware of and think about,” said
Chatzky. “The only people who need to know that you’re out-of-town, or not where you usually are, are your
family, close friends and maybe a trusted neighbor. Technology is changing so fast, that many people may not
even be aware of the various ways they’re opening themselves up to potential financial losses.”

“Not-So-Smart” Phone Usage
Mobile security is an issue that consumers admit they take for granted. Nearly 4 in 10 (38%) consumers
who access the Internet via their mobile or smartphone do so to check their bank account and make online
purchases, and more than half (51%) are using their Internet-connected devices to check or make updates on
social networking sites.

Despite the prevalence of mobile Internet activity, one in four people accessing the Internet this way aren’t
sure, or haven’t even thought about, what’s safe mobile practice, while another 42 percent have only a “general
idea” of what constitutes safe practices. In addition, 52 percent of those people accessing the Internet via their
mobile devices don’t use the basic level of protection of having an access password in place on those devices

“There are so many simple steps people can take online to protect themselves from identity theft, credit card
loss and real world threats, and still stay connected,” said Taufiq. “As the Internet becomes an even bigger
part of our daily lives, we hope people will start taking Internet security more seriously than they are today.
Unfortunately, that's not what we're seeing in the data.”

Password Problems

Since online shopping accounts are generally tied to e-mail accounts, a cybercrook’s ability to access an e-mail
account could be a gateway to accessing credit card and bank account information. Additionally, cybercrooks
can hack into social networking accounts, impersonating people’s friends, and conning them into sending
money to the crook’s account. Despite this, consumers are still participating in some risky behavior when it
comes to online password protection:

Nearly half (46%) of the people surveyed admitted that they never change their password on their e-
mail accounts

About a third (31%) never change their password on banking and financial accounts

Forty-two percent never change their password on social networking sites

Seventy-one percent of respondents who have one password across different accounts/sites claim to
do so, “because it’s easier to remember”

“Strong, frequently updated passwords are an easy way of protecting yourself and your finances from
cybercrime,” said Taufiq. “Using the same passwords on all your accounts or site -- as we now know too many
people do -- opens yourself up to potential hackers in a way that's easy to avoid."

Holiday Tips before Plugging In

Protect your mobile phones – As people increasingly store and access financial information on
their mobile devices, they should also be using password protection, but for those who don’t,
tools like the new Norton Mobile Security beta application allow Android smartphone carriers
to remotely lock or wipe data from their phones if they are ever lost.
Before you “plug in,” think about who you could “let in”- It’s fine if you need to connect
to the Internet on the go; however, always assume your Wi-Fi connections could be being
eavesdropped on. Never enter sensitive data (bank account information, debit card or social
security numbers, etc.) when browsing the Web via a public Wi-Fi network. Norton DNS, a free
tool that can be downloaded onto most computers and smartphones, does a quick check on each
site to make sure that it isn't a bad site that’s phishing for your personal info.
Make a list, check it twice! Credit card fraud isn’t so nice – Use one specific credit card for
all your online shopping. This will limit your liability if a cybercrook steals your credit card

For more information about cybercrime and online security, as well as additional tips to stay safe this holiday
season, please visit Norton’s Internet Safety Advocate’s Ask Marian blog.

About Norton by Symantec

Symantec’s Norton products protect consumers from cybercrime with technologies like antivirus, anti-spyware and phishing protection -
- while also being light on system resources. The company also provides services such as online backup, PC tuneup, and family online
safety. Fan Norton on Facebook at and follow @NortonOnline on Twitter.

Symantec is a global leader in providing security, storage and systems management solutions to help consumers and organizations secure
and manage their information-driven world. Our software and services protect against more risks at more points, more completely and
efficiently, enabling confidence wherever information is used or stored. More information is available at

About Javelin Strategy & Research
Javelin provides superior direction on key facts and forces that materially determine the success of customer-facing financial services, payments and security initiatives. Our advantages are rigorous process, independent position and expert people. For more information about this or other Javelin reports, please visit

No comments: