Consumers are confident they’re safe online, but hackers have proven otherwise, stealing AED 3.86 billion from 3.72 million consumers in the UAE in the past year, according to the 2017 Norton Cyber Security Insights Report, released today by Norton by Symantec (NASDAQ: SYMC). Within the last year more than half (52 per cent) of the country’s adult online population experienced cybercrime, and each victim lost an average of AED 669 and 47.9 hours (about six working days) dealing with the aftermath of cybercrime.
In the UAE, cybercrime victims share a similar profile: they are everyday consumers who express confidence and use multiple devices whether at home or on the go. While smartphones, laptops and tablets are commonly used by UAE consumers, the report found that cybercrime victims were twice as likely to own a connected home device. Consumers with an internet-connected gaming console, wearable device, or a smart device that streams content were also a more likely to fall victim to cybercrime.
Cybercrime victims were also more likely to have a blind spot when it comes to cyber security basics, leaving their virtual backdoor open:
- Cybercrime victims are more likely to use the same online password across all their accounts (24 per cent of cybercrime victims versus 20 per cent of non-victims), or using different passwords but save them on their computer's web browser (16 per cent versus 10 per cent), negating their security efforts.
- They were also more likely to save their passwords to a file on their device as non-victims (24 per cent versus 18 per cent).
- Equally concerning, 45 per cent of UAE cybercrime victims - despite their experience - had a higher trust in their own ability to protect their data and personal information from future attacks and one-third (32 per cent) believed they had a low risk of becoming a cybercrime victim.
In addition, Millennials were far more likely to experience cybercrime compared to other generations. While Millennials are known for being a digital-first generation and rather tech savvy, they also make similar mistakes such as using the same password across accounts and sharing their password with others. One in five Millennials also admit to not having any protective measures in place for at least one of their devices.
“Consumers’ actions revealed a dangerous disconnect: Despite a steady stream of cybercrime sprees reported by media, too many people appear to feel invincible and skip taking even basic precautions to protect themselves,” said Tamim Taufiq, Head of Norton Middle East. “This disconnect highlights the need for consumer digital safety and the urgency for consumers to get back to basics when it comes to doing their part to prevent cybercrime.”
Ransomware Wreaks Havoc: Despite Paying up, Many Consumers in the UAE Don’t Get their Digital Life Back
More than one in ten UAE consumers (13 per cent) have experienced ransomware, and for those who fell victim it has proven a costly affair. Those who have experienced ransomware reported losing an average of 89 hours dealing with the aftermath, and nearly one in five (18 per cent) paid the ransom and got nothing in return. With half of UAE consumers (49 per cent) admitting they never backup all their devices and one in 13 admitting they never implement software updates, a significant number are at risk of losing their digital property for good.
“Paying the ransom may seem like a natural response to get your personal files back,” said Tamim Taufiq. “However, handing the hackers money simply continues to fund their efforts with no guarantee that you’ll personally be able to regain access to your digital life. In the case of ransomware- crime pays, and we can all take some simple steps to thwart their efforts.”
The Most Common Cybercrime Experiences in the UAE
Of those who have ever fallen victim to cybercrime, 73 per cent experienced an attack within the last year, including:
- 53 per cent had a device infected by malware
- 44 per cent had their home Wi-Fi cracked into without their permission
- 43 per cent were notified their personal information compromised as a result of a data breach
- 39 per cent provided personal or financial information as a result of responding to a bogus email
- One in three (29 per cent) were duped into fraudulent online purchases
- 29 per cent had payment information stolen from their phones
- One in four (24 per cent) fell for technical support scams
Despite the prevalence of such forms of cybercrime, UAE consumers reported the highest financial loss in the past year after the following:
· Credit or debit card fraud ($1,051 or AED 3,861)
· Falling for a technical support scam ($476 or AED 1,749)
· Data breach ($341 or AED 1,253)
· Compromised account password ($157 or AED 577)
· Responding to a scam email with personal or financial information ($135 or AED 496)
· Shopping online ($104 or AED 382)
· Making a purchase online that turned out to be a scam ($81 or AED 298)
Cybercrime Is a ‘Grey Area’ For Many Consumers
77 per cent of UAE consumers believe cybercrime should be treated as a criminal act. However, when pressed, contradictions emerged. When presented with examples of shady online behaviour, more than two in five (42 per cent) UAE consumers believed at least one questionable act was always or sometimes acceptable including:
- Putting software on someone else’s device to spy on them (more than one in five)
- Using someone else’s credit card without permission to shop or book online (one in seven)
- Accessing someone’s financial accounts without their permission (one in seven)
- More than one in five (22 per cent) stated stealing information online was not as bad as stealing property in ‘real life.’
Interestingly, victims of cybercrime were more likely to think it’s ok to invade privacy or access information without permission. 26 per cent say reading someone’s emails without their consent is acceptable, compared to 13 per cent of non-victims. 19 per cent believe that accessing someone's financial accounts without their permission is sometimes or always acceptable, compared to 8 per cent of non-victims.
The State of Consumers’ Trust
With recent headline mega breaches, ransomware and cyberattacks, UAE consumers’ trust varies when it comes managing their data and personal information.
· Consumers gained or maintained trust in organisations such as banks and financial institutions (78 per cent), security software (76 per cent) and identity theft protection service provider (74 percent), despite the attacks that made headlines this year.
· 49 per cent lost trust in credit reporting companies that gather information without their consent and 38 per cent lost trust in social media platforms.
· 45 per cent of UAE consumers gained trust in themselves to manage their data and personal information.