Study: U.S. residents at risk for online exploitation
Almost half couldn't identify 'phishing' e-mail scams
IDG News Service - U.S. Internet users are dangerously ignorant about the type of data that Web site owners collect from them and how that data is used, according to a new study by the University of Pennsylvania's Annenberg Public Policy Center.
The lack of awareness makes U.S. Internet users vulnerable to online exploitation, such as misuse of personal information, fraud and overcharging, the study said.
Titled "Open to Exploitation: American Shoppers Online and Offline," the study was released today (download PDF). It involved 1,500 adult U.S. Internet users who were asked true-or-false questions about topics such as Web site privacy policies and retailers' pricing schemes. Respondents on average failed the test, answering on average fewer than 7 out of 17 questions correctly.
Interviews for the study, conducted between early February and mid-March, yielded some findings that the authors consider alarming. Those findings include:
- Almost half of the respondents, 49%, couldn't identify "phishing" scam e-mail messages, which information thieves dress up to look as though they come from a legitimate company, such as a bank or store, to lure users to enter sensitive information. Requested information might include Social Security numbers, passwords and bank account numbers.
- Sixty-two percent of respondents didn't know that an online store can simultaneously charge different prices for the same item based on information it has on different shoppers, a practice that can make users into victims of what study authors call "price discrimination."
To address the problems identified by the study, the Annenberg Public Policy Center proposed three measures:
- Consumer education and media literacy should be taught in elementary, middle and high schools in the U.S.
- By government decree, online retailers should disclose what data they have collected about customers, as well as when and how they will use that data.
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- The 12 PCI DSS 3.0 requirements addressed by Peer 1 Hosting This handy quick reference outlines the 12 PCI DSS 3.0 requirements, who needs to be compliant and how Alert Logic solutions address the...
- Defense Throughout the Vulnerability Life Cycle This whitepaper provides insight into how to leverage threat and log management technologies to protect your IT assets throughout their vulnerability life cycle.
- Mobile Policy Checklist Here's what to consider when putting together a mobile policy designed to support a highly productive workforce.
- Securing BYOD Mobile computing is becoming so ubiquitous that people no longer bat an eye seeing someone working two devices simultaneously. Individuals and organizations are...
- Live Webcast On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy...
- Live Webcast Endpoint Backup & Restore: Protect Everyone, Everywhere Arek Sokol from the bleeding-edge IT team at Genentech/Roche explains how he leverages cross-platform enterprise endpoint backup in the public cloud as part...
- Streamline Software Asset Management, Compose a software Management Symphony Keeping track of your organization's software is easy with effective software management solutions from CDW. View the videos in our software solutions channel
- Druva inSync: Endpoint Data Protection & Governance CLICK HERE to watch this video about protecting corporate data on laptops and mobile devices, sponsored by Druva. All Security White Papers | Webcasts