Cybercrime victims are more likely to use the same online password across all their accounts.
Published: Wed 24 Jan 2018, 1:27 PM
If you think cybercrime is a fictional threat in the UAE and that you can't fall victim to it, think again.
Consumers are confident they're safe online, but hackers have proven otherwise, stealing Dh3.86 billion from 3.72 million consumers in the UAE in the past year, according to the 2017 Norton Cyber Security Insights Report, released on Tuesday by Norton by Symantec.
Within the last year, more than half (52 per cent) of the country's adult online population experienced cybercrime and each victim lost an average of Dh669 and 47.9 hours (about six working days) dealing with the aftermath of cybercrime.
In the UAE, cybercrime victims share a similar profile: with the ubiquitous of smartphones, laptops and tablets commonly used by UAE residents, cybercrime victims here are found to be twice as likely to own a connected home device. Those with internet-connected gaming consoles, wearable or smart devices that stream content were also a more likely to fall victim to cybercrime.
The Norton Cyber Security Insights Report involved an online survey of 21,549 individuals ages 18+ across 20 markets. The UAE sample reflects input from 1,059 adults.
Cybercrime factors in the UAE
There were some common factors and habits among UAE's cybercrime victims, to do with their cybersecurity basics.
Cybercrime victims are more likely to use the same online password across all their accounts (24 per cent of cybercrime victims versus 20 per cent of non-victims), or using different passwords but save them on their computer's web browser (16 per cent versus 10 per cent), negating their security efforts.
They were also more likely to save their passwords to a file on their device as non-victims (24 per cent versus 18 per cent).
Equally concerning, 45 per cent of UAE cybercrime victims - despite their experience - had a higher trust in their own ability to protect their data and personal information from future attacks and one-third (32 per cent) believed they had a low risk of becoming a cybercrime victim.
In addition, Millennials were far more likely to experience cybercrime compared to other generations. While Millennials are known for being a digital-first generation and rather tech savvy, they also make mistakes such as using the same password across accounts and sharing their password with others. One in five Millennials also admit to not having any protective measures in place for at least one of their devices.
Tamim Taufiq, head of Norton Middle East, said: "Consumers' actions revealed a dangerous disconnect: despite a steady stream of cybercrime sprees reported by media, too many people appear to feel invincible and skip taking even basic precautions to protect themselves.
"This disconnect highlights the need for consumer digital safety and the urgency for consumers to get back to basics when it comes to doing their part to prevent cybercrime."
Ransomware losses
More than one in ten UAE consumers (13 per cent) have experienced ransomware, and for those who fell victim it has proven a costly affair. Those who have experienced ransomware reported losing an average of 89 hours dealing with the aftermath, and nearly one in five (18 per cent) paid the ransom and got nothing in return. With half of UAE consumers (49 per cent) admitting they never backup all their devices and one in 13 admitting they never implement software updates, a significant number are at risk of losing their digital property for good.
"Paying the ransom may seem like a natural response to get your personal files back," said Tamim Taufiq. "However, handing the hackers money simply continues to fund their efforts with no guarantee that you'll personally be able to regain access to your digital life. In the case of ransomware, crime pays, and we can all take some simple steps to thwart their efforts."
Thwarting cybercrime awareness efforts is the fact that it is a "grey area" for many consumers.
Curiously, victims of cybercrime were more likely to think it's okay to invade privacy or access information without permission. 26 per cent say reading someone's emails without their consent is acceptable, compared to 13 per cent of non-victims. 19 per cent believe that accessing someone's financial accounts without their permission is sometimes or always acceptable, compared to 8 per cent of non-victims.
One in seven also thought accessing someone's financial accounts without their permission is okay. More than one in five (22 per cent) stated stealing information online was not as bad as stealing property in 'real life.'