Survey reveals unrealistic attitudes to internet security in Britain

Public awareness of internet security issues still seems somewhat at odds with the accepted state of the threat landscape. Findings in the latest OxIS internet user survey The Internet in Britain: 2007 from the Oxford Internet Institute, a specialist unit of Oxford University that researches the social context of internet access in the UK, suggest that users are not as concerned as might be expected about transaction security.

Malware infection remains the chief concern of users. Of 1,578 respondents this year, 34 per cent reported being infected by "viruses", compared with 43 per cent in 2003 (1201 respondents). At first sight this might suggest a reduction in infection rates. However in 2005 (1309 respondents) only 18 per cent reported infection, an apparently anomalous figure that begs questions not addressed by the study, including how well the respondents understand the issue and what proportion make effective use of antivirus.

Reported phishing attempts, defined as "someone asking for your bank details online" rose from 12 per cent in 2005 to 17 per cent this year, and reported purchase of misrepresented goods over the internet has risen progressively from three per cent in 2003 to eight in 2005 and nine this year. Interestingly (and surprisingly in view of the growing number of reported credentials leaks), perceived abuse of credit card details remains relatively stable from 2003 to date at around one to two per cent.

Despite the objective scale of spam, mail scams and phishing, most users do not seem unduly concerned. Some 38-39 per cent of respondents in both 2005 and 2007 reported that they are not worried about email abuse overall, although the proportion concerned enough to take action has risen from 36 per cent in 2005 to 44 per cent this year. Spam, however, does not seem to loom large in this picture: only 24 per cent this year responding that they receive too much spam, and 26 per cent under the impression that they don't receive any.

Respondents are positive about internet use: 79 per cent believing it saves them time, whereas only 46 per cent expressed any concerns about others obtaining their personal information on line. Although security awareness is clearly increasing, it still appears poorly focused on the real issues. Credit card fraud, internet scams and spam notwithstanding, malware (albeit vaguely understood) remains more of a perceived problem to users.

(mba)