When it comes to cybercrime, most of us can readily think of viruses and malware. And there are studies that can estimate the cost of this to governments and big corporations. It’s much harder to estimate the cost of cybercrime to regular people and to move beyond old definitions of cybercrime and start including all the online problems that cost us our money and waste our time. Norton has just finished conducting a massive study of the issue and today reports on the problem in our Norton Cybercrime Report.
We spoke to 20,000 adults in 24 countries to understand what kinds of online crimes people are experiencing; what kinds of direct costs and losses they are incurring and the cost of recovering from those online crimes. The sorts of cybercrimes we included in the study were viruses and malware to be sure, but also included online scams, online harassment, having your social network profile hacked, and online credit card fraud. We found that 69% of people have already been a victim in their lifetime and 65% have been victimized in the last 12 months, globally. Of course, the numbers varied significantly from country to country simply and you’ll find it interesting to click around to compare.
No surprise that people are being inundated with cybercrime but the costs were certainly a surprise. When we extrapolated the numbers to the entire global population we found a staggering estimated 1 million cybercrime victims a day and a direct cost of cybercrime of $114 billion a year. Considering the additional recovery costs to restore your bank account or fix your credit rating, that adds in another $274 billion for a total figure of $388 billion or more than the global estimates of the international drug trade.
We also found that certain people are more at risk than others and can be summarized as follows: male, millennial and mobile. Males tend to be online longer than women which exposes them to more potential online risks. And men might visit adult, dating and gambling sites more which often host malware. Millenials, which is one of those demographic groups which describe people in their 20’s and 30’s, are people who might spend a lot of time on social networks where many of the newer forms of malware are spreading; malware like “like-jacking” where just by clicking a link you might spread something to all your network. And mobile computer, which is one of the newer risky areas for cybercrime as we’ll discuss further in a bit.
The most common cybercrimes are the oldest: viruses and malware by over 50%. Next came those online scams where we hope to get rich when some benevolent prince or soldier is going to share their overseas wealth with us because we “seem like an honest person”. Third is phishing, those unsolicited emails that seem from legitimate companies or trusted sources we click on that lead us into a whole host of trouble. One new source of cybercrime we found in the study was mobile cybercrime coming in at 10%. One example of a kind of mobile cybercrime is “smishing” which is text based phishing. You might get an unexpected text message and upon responding find you’ve signed up for a premium phone service.
And there are misconceptions about cybercrime that were a little funny. Despite how clearly common cybercrime is, 70% of people still expect real world crime to strike them next. We also found that people who experience real world crime also experience cybercrime which might mean they need to learn to better recognize risky situations when they encounter them on and offline!
Looking ahead, if I had a crystal ball, I’d expect to see more cybercrime on our mobile devices. We can expect to start doing more financial transactions with our cell phones and tablets, due to some applications in development and the convenience of leaving our wallets behind. In some countries people are simply more reliant on their mobile devices because they’ve gone directly to them, skipping over the desktop computing generation entirely. So the mobile computing opportunities for the cybercriminal are very ripe indeed.
We’ll have to think seriously about adding security to our mobile devices and it was heartening to see that 11% of our respondents claim to have already done so. If your mobile device doesn’t yet have a password, consider setting one (and not 0000, 1234 or 2580). Think about installing software on your mobile device to prevent someone from installing malware on it. Security software is also useful to help you remotely locate or lock the device should it be lost or stolen. Conveniently, Norton makes a fine product called Norton Mobile Security for your Android device that can take care of those security needs and you can find it in the Android app store.