In addition to researching behavior about e-mails, the study also presented images of sample Web sites and asked consumers whether they could identify whether a site was secure or not -- 67 percent could not identify a secure Web site. Six out of 10 respondents relied on symbols, such as "padlocks" to determine whether a site was secure, while four in 10 consumers felt there was no real way to determine if a site was secure.
"We are making progress, as consumers are more aware than ever of a range of online threats. However, it is clear that the sense of confidence many feel in their ability to identify online scams is misplaced and overstated," said Ron Teixeira, executive director of the National Cyber Security Alliance. "As people continue to conduct more of their activities and transactions online, fraudsters will continue to present sophisticated scams. This study reinforces the necessity for consumers to educate themselves regularly about safe online practices in order to stay ahead of the next threat."
In the past year, Bank of America led the industry by launching SiteKey, a two-way authentication system that helps customers confirm they are at the real Bank of America Web site and avoid phishing scams.
"Online security is a shared responsibility among legitimate businesses and consumers," said Sanjay Gupta, e-Commerce executive at Bank of America. "We take that obligation very seriously and work hard to provide the latest information and security. We launched the SiteKey service, we're rolling out 18 more e-alerts to help consumers monitor account activity, we launched a free toolbar to prevent pop-up ads and we posted new security-related education material online.
Key highlights of the Online Fraud Report include:
- Roughly eight in 10 Americans who use the Internet conduct online financial transactions such as online banking, stock transactions or filing taxes.
- Two-thirds of consumers who conduct online financial transactions are extremely or very concerned about giving their personal or financial information to a fake Web site and having hackers steal financial information from their computer.
- 74 percent of Americans don't believe using only an ID and password to log-in is extremely or very safe. More than 68 percent of respondents are extremely or very willing to try additional layers of login security, such as answering personal questions about themselves to confirm their identity.
- More than four out of five people polled believe that the responsibility of limiting and preventing online fraud is equally shared by the legitimate Web site, themselves and Internet service providers.
- More than 80 percent of consumers understand that not opening unsolicited e-mails, using the proper security software and keeping security software updated are all ways to prevent Internet fraud. However, according to the 2005 America Online/NCSA Online Safety Study, 81 percent of home PCs lack at least one of the three critical protections ? updated computer virus software, spyware protection, and a secure firewall.
Here are steps consumers can take to prevent fraud:
- Use safe computer behavior. Install protection such as firewalls, anti-virus software and anti-spyware software. Keep the protection and browsers updated. Don't download materials from unknown senders. Use unique passwords that are hard to guess and change them often.
- Confirm the validity of all requests for sensitive personal, financial or account information, particularly if they are made with an urgent or threatening tone or are unsolicited. Consumers who get the request through e-mail should open a new browser window and type in the referenced Web address rather than clicking on links provided within the e-mail.
- Monitor accounts, credit reports and credit scores. Notify banks and credit agencies immediately of any unauthorized transactions.
- Take advantage of free bank services, such as direct deposit. Stop receiving paper statements through the mail when they are available online.
- Do not share your IDs, passcodes or ATM passwords with anyone.
