71% of US Adults Have Dangerous Online Security Habits This Year, CNET Survey Finds
If you’re like me, your sensitive data has been compromised in a data breach – probably multiple times.
An exclusive CNET survey finds that 47% of U.S. adults know their Personal data leaked in cyber attackGeneration X and baby boomers report higher levels of their sensitive data being breached. About half of Millennials surveyed said they had also been affected by a data breach, while a quarter of Gen Z respondents said their data had been breached.
Data breaches happen almost every day for many reasons, including phishing attacks by malicious actors, human error, and even employees looking to profit from company data.
The good news is that a data breach does not directly lead to identity theft or fraud. However, this puts your personal device at greater risk from phishing attempts. Therefore, we have a responsibility to keep our data and identities secure.
CNET’s cybersecurity survey reveals trends in how people react to learning about their cybersecurity Involved in a data breachWhat Fraud is their biggest concern And how they can protect their identities online, especially during the busy holiday shopping season.
Main points
- 84% of respondents are taking some method to protect their personal data this holiday season.
- Yet, over the past year, 71% of U.S. adults have taken actions that security experts consider dangerous to protect their personal data.
- CNET found that 41% of U.S. adults surveyed had used the same password on multiple accounts in the past 12 months. Arguably more concerning, one in five adults also canceled two-factor authentication last year.
- One in five U.S. adults is unsure whether their data has been compromised in a cyberattack.
Most people change passwords after data breach
The first step you take after learning you’ve been affected by a data breach is crucial. Most adults, 68% to be exact, Password changed Another 41% signed up for two-factor authentication across multiple online accounts after learning of the cyberattack.
Other common reactions to having your information exposed in a data breach include placing a fraud alert on your credit report (35%) and registering Identity theft protection (33%).
When companies suffer a data breach, they often mail notifications to potentially affected customers that include a free activation code for identity theft protection. Coverage typically ranges from one to two years – depending on the severity of the breach and the personal information compromised. But you can sign up for identity theft protection yourself after the offer expires.
Protect your personal data and gain peace of mind with CNET’s preferred identity theft software.
One of the best ways to protect themselves after a data breach is not implemented by most respondents. Only 27% of U.S. adults said they had their credit frozen after a breach. Credit freezes are free to the public and are a great way to stop identity fraud, experts say. I froze my credit April found it to be a simple process.
“Never wait until you receive a data breach notification to freeze your credit,” says Adam Levin, author and co-host of the podcast What the Hack with Adam Levin. “If your credit is frozen, no one can access your credit file. This means that it is impossible for anyone – including you – to open a new credit account until your file is unfrozen.”
Notably, 20% of adults stopped using a company’s services entirely after being affected by a data breach.
Most Americans Have Bad Password Habits
While data breaches are beyond your customers’ control, how you protect your data online is something you can manage. It all starts with strict password hygiene.
CNET found that 41% of U.S. adults surveyed had used the same password across multiple accounts in the past year. This approach leaves you vulnerable to Credential stuffing Initiated by cybercriminals – they can access one account and test the same credentials elsewhere.
Therefore, experts recommend using a unique password for each online account. If this sounds too difficult, Password manager can help.
“With a password manager, you don’t have to remember any passwords because the software stores all your passwords in a secure vault and can autofill them when you log into your account,” says CNET staff writer Attila Tomaschek. Digital privacy expert.
He added that a password manager can monitor the dark web for compromised credentials and notify you of a data breach so you can update your passwords if they are compromised.
Arguably more concerning, one in five adults also canceled two-factor authentication last year. Many financial institutions and retailers will periodically send push notifications or text codes to your phone to verify your identity or to log into your account from a new device. Extra layers of security can help keep cybercriminals out and alert you when someone is trying to attack Access your account.
“This may feel a little inconvenient and add a few seconds to the login process, but it’s well worth it,” said cybersecurity expert Neal O’Farrell. CNET Expert Review Board Member.
Cybersecurity is top of mind for shoppers this holiday season
The holidays bring a lot of joy, but they also increase the risk of falling into a scam that could ruin your good mood.
Overall, 84% of respondents said they have taken some form of extra security measures when buying gifts this year. While some shoppers will only shop in person, nearly half of adults (48%) say they will only shop from reputable websites. Many people (43%) also choose to buy directly from mobile apps like Amazon, Walmart, Target and Etsy to avoid being lured by fake websites.
37% of holiday shoppers will also take steps to improve password hygiene, such as enabling two-factor authentication on new accounts or using unique passwords, password managers or keys.
Few said they would check whether a website has “https” encryption (31%) or use a digital wallet, e.g. Apple Pay or Google Wallet and Samsung Wallet (24%). Digital wallets use tokenizationin layman’s terms, it prohibits retailers from viewing or storing your actual card information. If the retailer is hacked in the future, your card information will remain secure.
No-delivery scams worry shoppers most
As fraud increases, 66% of Americans are worried Become a victim of a scam This holiday season and beyond.
About a quarter of respondents were most concerned about non-delivery package scams. These fraud schemes involve scammers sending emails or texts that appear to be from UPS or FedEx, contain false purchase notifications or claim there is a delivery issue. Its purpose is simply to steal your personal or financial information after you click on the link provided.
“The best thing to remember is to skip the links in these messages, and of course any attachments,” said CNET senior cybersecurity and digital privacy writer Bree Fowler. “Instead, go directly to the shipper’s website (UPS, USPS, FedEx ) and enter your tracking information. If the message appears to be from a retailer you do business with, please visit their app or website directly.”
Package-related scams are always more rampant this time of year, and there are more people involved Holiday Online Shopping. According to Adobe, on this year’s “Cyber Monday” alone, shoppers spent a total of $13.3 billion, a year-on-year increase of 7.3%.
One in five Americans is also concerned about being tricked by a customer support scam, in which fraudsters pretend to work for a legitimate organization and convince you to share your account information. Other common scams people fear falling for include charity scams; Gift Card Churn Scam and romance scam.
In addition, tax filing season is approaching, and you should file your taxes as early as possible to avoid tax return fraud And beware of being duped by scammers claiming you owe money to the IRS.
If you receive an unprompted call or message, hang up and call the company or federal agency directly using the number on its official website to confirm the validity of the communication.
“Never identify yourself to anyone who contacts you, even if you believe they are an authority figure within a government agency or organization with which you have a relationship,” Levine said.
Scammers often deceive you by instilling a false sense of urgency in their requests. Don’t be fooled. Instead, take the time to think about what’s going on so you don’t accidentally make it easier for scammers to get your sensitive data or money.
“Crime is like any industry, criminals only have so much time to devote to a particular target before they deem it unprofitable,” O’Farrell told CNET. “The harder you make it for them, the more you frustrate them. The sooner they try, the faster they’ll move on.”
methodology
CNET commissioned YouGov Plc to conduct the survey. Unless otherwise stated, all data comes from YouGov Plc. The total sample was 2,518 adults. The field survey was conducted between November 4 and 7, 2024. The survey is conducted online. The numbers are weighted and representative of all U.S. adults (18 and older).
