A recent poll revealed that 54% of U.S. consumers said the theft of their personal or financial information worried them more than losing their job or not having healthcare for their family members.[1]
Their worry is not unfounded. As President Obama recently acknowledged, while the Internet has transformed how we communicate and do business, “it has also led to new challenges, like online fraud and identity theft, that harm consumers and cost billions of dollars each year.”
Today, there are more ways than ever that financial information can be compromised, from offline methods such as dumpster diving and stolen laptops to email scams, fake banking sites known as phishing scams, and data breaches like the one Sony recently experienced with PlayStation.
Despite the dangers, consumers continue to embrace the anytime, anywhere convenience of online banking. In fact, only 4% of U.S. households used online banking in 2004, but by 2010 the number ballooned to 80%.[2]
Even though the majority of Americans are doing their banking online, only certain groups have taken precautions, and many remain vulnerable. As Dave Marcus, Director of Security Research for McAfee Labs points out, the education level and personality of a computer user has a lot to do with their safety level.
“Most instances of banking fraud are not due to the bank’s technology being compromised, but to people unwittingly giving out their personal banking information to criminals via phishing scams and copycat sites, or their computers being infected with malware,” Marcus said.
With that in mind, McAfee is redoubling its efforts to offer users of all stripes the very best practical information on online banking safety, whether they are banking from their computer or mobile phone.
Demographic Groups and Their Risk Profiles
McAfee has found that most online banking users fall into three categories that reflect both their comfort with technology and their security habits. Here are the three groups:
1) “Competent But A Little Careless”: Ages 18-24
This group is the most comfortable with technology but they tend to be
overconfident, sometimes forgetting to put basic security practices into place.
2) “Confident But Casual”: Ages 25-45
This group uses the Internet for both work and personal reasons and are
the most frequent online banking users. However, they are sometimes
casual about security.
3) “Conservative And Cautious”: Over 45 years old
This group is not as familiar as younger generations with technology, and
a smaller portion use online banking. They tend to be more cautious when
going online, and are in fact better protected than the other groups because
research shows a higher percentage has security software. However, some older
Americans are vulnerable to offline scams such as automated voice messages
that request financial account numbers.
“Competent But A Little Careless” Profile
Often called Digital Natives, 18 to 24 year-olds grew up online, and most 20-somethings spend an average of 32 hours per week online, according to comScore’s Media Metrix.[3]
Because of their comfort with technology, they are confident and eager to use all the benefits that the Internet has to offer. A PEW Internet and American Life Project survey said more than 81% of this group goes online wirelessly and more than 55% use a laptop or cell phone to access the Internet. They are heavy social networking users–with 72% using social networking sites and they are also comfortable with sharing videos and shopping online.[4]
Digital Natives have continued to show interest in using online banking. In 2010, 44% of 18-24 year olds preferred Internet banking over other methods, up from 23% in 2007.[5]
However, Javelin research reveals that 68% do not have basic antivirus software on their computers, making them fundamentally careless.[6]
Even though McAfee has reported that 55,000 new pieces of malware are discovered daily, this young and reckless group is either unaware of security risks or has just not made them a priority.
Unfortunately, this careless security attitude has resulted in real-world problems. An astonishing 41 percent of 18 to 24-year-olds have never even heard of “malicious” software. Couple this with only 30 percent actively protecting themselves, and the resulting picture is one of an entire generation being relatively naïve when it comes to online security.[7]
Paradoxically, 26% of 18 to 24-year-olds said they felt they were doing enough already to be safe online, according to a study released by the National Cyber Security Alliance and the Anti-Phishing Working Group.[8]
This carelessness carries over to other activities as well. While this group is very active on Facebook and other social networks, roughly one in five fails to use Facebook privacy controls, making them vulnerable to all kinds of Internet threats, according to Consumer Reports.[9]
It is clear that 18 to 24 year olds need to be much more careful about their online activities in general, and take particular care when it comes to online banking.
Tips for the “Competent But A Little Careless” User:
• Start with a clean PC. This means making sure that your device is clean of threats by using a free diagnostic tool such as McAfee® Security Scan Plus, which scans and detects malware, Trojans, and potentially unwanted programs in running processes.
• Buy comprehensive security software that protects you from viruses, spyware, adware, and identity theft. Always choose a reputable brand such as McAfee Total Protectionä software. When it comes to security software, free is not better. A September 2010 USA TODAY survey of 16 anti-virus companies shows that no-cost anti-virus programs generally lack important features such as a firewall, website health checks, and automatic updates.[10]
• After you’ve installed security software, McAfee recommends running a security scan of your computer every day. It takes just a few moments before you turn your computer off for the evening.
• Avoid distracted banking: Be careful not to respond to fake bank emails (phishing) because you are multitasking. Remember, banking fraud often happens because consumers give out their own user names and passwords to fake banking sites.
• Review your financial statements and transactions as soon as they arrive, so if there are any anomalies or unauthorized transactions you can clear them up right away
• Never respond to email from a bank that requests personal information, such as your user name, password, or address. Even if the email looks legitimate, NEVER reply or click on links included in the email.
• Create strong passphrases. Don’t be afraid to go beyond the standard eight characters and a couple of numbers. Passphrases are easy-to-remember sentences with up to 255 characters, including spaces, and they are harder for criminals to crack. Think of using song lyrics, book titles, and poems —the longer the passphrase, the better, and remember to change them often.
• If you love to surf and enjoy digital entertainment, make sure to use a safe surfing tool such as McAfee® SiteAdvisor® software, which can tell you if a site is safe to click on or not right in your search results.
See “Online Banking Tips for Everyone” below for more tips.
“Confident But Casual” Profile
This group (25 to 45) is more likely to use the Internet to help manage all aspects of their lives as opposed to the “Competent But Careless” group, which uses the Internet to primarily manage their social lives.
Like other groups, they are heavy users of email and search, but over 50% also use the Internet to read news, make travel reservations, buy products, and watch videos.[11]
Ages 31 to 44 lead the online banking movement, as they do more online banking activities than any other demographic group.[12] Studies also show that Internet users aged 34-45 are more likely than younger users to get financial information online. [13]
Fortunately, users in this group are also more likely to use security software compared to the younger generation. According to Javelin research,42% of 25 to 34-year-olds have antivirus software while 47% of 35 to 44-year-olds use security software.[14]
While these facts demonstrate some progress in terms of security education, more needs to be done. However, this group’s confidence may be getting in the way. In fact, 52% of 25 to 44-year-olds surveyed by NCSA felt they were already doing enough to stay safe online, while only 35% acknowledged they need more information about online safety.[15]
Tips for the “Confident But Casual” User:
• If you don’t have online security protection already, you need a comprehensive security suite. Also, remember to run a security scan before signing up for any online banking services to ensure you’re starting with a computer free of malware.
• If you already have security software, make sure to keep your subscription up to date
• If your computer is acting strangely, avoid using it for online banking until you can get it checked out
• Never respond to unsolicited email from a bank that requests personal information, such as your user name, password, or address. Even if the email looks legitimate, NEVER reply or click on links included in the email.
• Review your financial statements and transactions as soon as they arrive, so if there are any anomalies or unauthorized transactions you can clear them up right away
• Stay educated. McAfee updates consumers with breaking news about threats via the McAfee Facebook page
“Conservative But Cautious” Profile
This group remains in the middle of the road in terms of technology adoption. They are not as tech savvy as younger generations, own fewer devices and spend less time online.
According to Forrester, the one area where Boomers are ahead of the technology curve is in the amount of money they spend, on everything from monthly telecom fees to online purchases. They even spend more on PC purchases.[16]
Research from the American Banking Association shows that younger Boomers prefer online banking, but Boomers over 55 are less likely to bank online, with only 20% taking advantage of the technology.[17]
While Boomers are not as active online, it’s interesting to note that this is the best-protected group. Forty-seven percent of 45 to 54-year-olds lack security protection, while just 44 percent of 55 to 64-year-olds lack protection.[18]
Still, they understand that they need more security. In fact, 55% of the 45+ age group said that they wanted more Internet security information, according to NCSA.[19]
Javelin research suggests that Boomers are more cautious because they have saved for years and have more financial assets to protect, and may remember early and serious virus attacks (including Melissa in 1999 and ILOVEYOU in 2000) that made them a bit gun shy about conducting online transactions.[20]
Tips for the “Conservative But Cautious” User:
• Be sure to run a security scan on your PC before you sign up for any online banking services to ensure you’re starting with a computer free of malware
• If your computer is acting strangely, avoid using it for online banking until you can get it checked out
• Never respond to email from a bank that requests personal information, such as your user name, password, or address. Even if the email looks legitimate, NEVER reply or click on links included in the email.
• Review your financial statements and transactions as soon as they arrive, so if there are any anomalies or unauthorized transactions you can clear them up right away
• Beware of copycat sites that look very similar to major banking institutions, and always be sure that you’ve typed in the correct web address when visiting your bank online. Be familiar with your bank’s logo and site design.
• Visit your bank’s main website for details on their online security policy before signing up and make sure they use multiple layers of security upon sign-in (i.e. you must visually approve a site-key in conjunction with entering your passphrase). It is harder for criminals to hack more than one layer of security protection.
• Create strong passphrases. Don’t be afraid to go beyond the standard eight characters and a couple of numbers — the longer, the better, and change your passphrases often.
Online Banking Tips for All Users:
• Beware of copycat sites that look similar to major banking institutions, and always be sure that you’ve typed in the correct web address when visiting your bank online. Be familiar with your bank’s logo and site design.
• Educate yourself about the tactics cybercriminals use when making copycat sites by looking at known examples from FraudWatch International. [21]
• Visit your bank’s main website for details on their online security policy before signing up, and make sure they use multiple layers of security upon sign-in.
• Create strong passphrases. Don’t be afraid to go beyond the standard eight characters and a couple of numbers. Passphrases are easy-to-remember sentences with up to 255 characters, including spaces, and they are harder for criminals to crack. Think song lyrics, book titles, poems —the longer the better, and change them often.
• To reiterate: it is important to keep your technology secure when banking online, but most banking fraud happens when consumers respond to phishing emails or enter data into copycat websites.
Still concerned?
If you want to be absolutely certain that your PC is clean and has a safe connection, dedicate one machine to online banking only
Now You’re An Expert? Bank Safely on Your Mobile Device Too
Mobile banking has experienced rapid growth in the U.S. over the last three years, more than doubling from 5% of online adults in 2007 to 12 percent by the second quarter of 2010. Furthermore, Forrester predicts that one in five–or 50 million–U.S. adults will be using mobile banking by 2015.
However, studies show that many Americans are still uncomfortable with mobile banking, citing security as a top concern. In fact, 35% of US online adults said that they do not use their device to do banking for this reason.[22]
Responding to these concerns, banks have been working to improve mobile security by offering a consistent sign-on experience for both their online and mobile channels, including multi-factor authentication programs for mobile.
While banks are trying to do their part, users have to take additional steps to make sure that their mobile data is protected. Consumer Reports estimates that almost 30% of Americans that use their phones for banking, accessing medical records, and storing other sensitive data, do not take precautions to secure their phones.[23]
So, here are some tips for mobile bankers of all ages to keep you safe while banking on the go:
• Connect to your bank’s mobile site or app securely by making sure that your wireless network is secure. Never send sensitive information over an unsecured wireless network, such as in a hotel or café
• Download your bank’s mobile application, so you can be sure you are visiting the real bank every time, not a copycat site
• Install anti-theft technology, and back up your data
• Configure your device to auto-lock after a period of time
• Don’t store data you can’t afford to lose on an insecure device
• Consider using McAfee® Mobile Security™ on your device, which allows you to backup and restore personal data, wipe personal data from the device in the event of a loss, and remotely lock your device and delete all personal information in the case of theft, as well as locate the device via GPS.
• Be sure to keep all of your apps and device software up to date
In Summary
When it comes to online banking it is important that you build confidence. Having comprehensive security software helps. In fact, a recent comScore study found that 40 percent of respondents felt that new security software on their computers increased their security when banking online.[24]
Beyond having up-to-date, comprehensive security software, real security requires education and diligence because cybercriminals are constantly changing their tactics and looking for new ways to access your information.
The good news is that banks are doing their part. They have worked hard to ease the fears of their customers by providing multiple layers of security on their websites. Some even offer security guarantees for online banking, for example:
• Some banks offer “0% Liability Protection” which reimburses you for losses resulting from unauthorized purchases that originate from online banking activities[25]
• Many banks use Secure Socket Layer (SSL) technology to encrypt personal information such as user IDs, passwords, and account information over the Internet. Any information provided to the customer is scrambled en route and decoded once it reaches the browser.[26]
• Some banks guarantee that you will be reimbursed 100% for all unauthorized transactions. Check to see if your bank provides this level of coverage.
Being aware, educated, and protected by online security are you best bets for banking online safely.
For more information on safe browsing, visit McAfee Security Center and for additional updates, consider “Liking” McAfee on Facebook.
For an animated tutorial on phishing, one of the greatest banking-related dangers for consumers according to McAfee researchers, please visit the following link. Find out what phishing is, how to spot fake emails, and how to avoid it all together: http://us.mcafee.com/en-us/local/html/identity_theft/hooked_by_phishing_scam.asp
For media inquiries, please contact:
Kim Eichorn
McAfee
(408) 346-3606
kim_eichorn@mcafee.com
[1]Online Safety is a Personal Priority for Americans, NCSA & APWG Survey, August 2010
[3]comScore Media Metrix January 2010 – December 2010
[4]Social Media and Young Adults, PEW Internet and American Life Project, February 2010
[5] Consumers Prefer Online Banking, ABA & Ipsos Study, August 2010
[6] Second Annual Antivirus, Browser, and Mobile Security Report, Javelin Strategy & Research, July 2011
[7] Second Annual Antivirus, Browser, and Mobile Security Report, Javelin Strategy & Research, July 2011
[8]Online Safety is a Personal Priority for Americans, NCSA & APWG Survey, August 2010
[9]“Online Threats”, Consumer Reports Magazine, June 2011
[10]“Clarifying Your Antivirus Choices”, USA Today Survey & Article, September 2010
[11]Generations 2010, Pew Internet Survey by Kathryn Zickuhr, December 2010
[12]Forrester Research, Inc,: The Changing Landscape Of USConsumers’ Digital Banking, March 2011
[13]Generations 2010, Pew Internet Survey by Kathryn Zickuhr, December 2010
[14] Second Annual Antivirus, Browser, and Mobile Security Report, Javelin Strategy & Research, July 2011
[15]Online Safety is a Personal Priority for Americans, NCSA/APWG Survey, August 2010
[16]Forrester Research, Inc.: The State of Consumers and Technology: Benchmark 2010, September 2010
[17]Consumers Prefer Online Banking, ABA & Ipsos Study, August 2010
[18] Second Annual Antivirus, Browser, and Mobile Security Report, Javelin Strategy & Research, July 2011
[19]Online Safety is a Personal Priority for Americans, NCSA/APWG Survey, August 2010
[20] Antivirus and Browser Security Vendors, Javelin Strategy & Research, 2010
[22]Forrester Research, Inc.: Mobile Banking Forecast, 2010 To 2015, January 2011
[23]“Online Threats”, Consumer Reports Magazine, June 2011
[24] comScore Media Metrix January 2010 – December 2010
[26] Chase Bank Website
The information in this document is provided only for educational purposes and for the convenience of McAfee customers. The information contained herein is subject to change without notice, and is provided “AS IS” without guarantee or warranty as to the accuracy or applicability of the information to any specific situation or circumstance.
McAfee, the McAfee logo, McAfee Labs, McAfee Total Protection, and SiteAdvisor are registered trademarks or trademarks of McAfee, Inc. or its subsidiaries in the United States and other countries. Other marks and brands may be claimed as the property of others. The product plans, specifications and descriptions herein are provided for information only and subject to change without notice, and are provided without warranty of any kind, express or implied. Copyright © 2011 McAfee, Inc.
Stay Updated
Follow us to stay updated on all things McAfee and on top of the latest consumer and mobile security threats.
