According to the ‘Are you cyber savvy?’ quiz from Kaspersky Lab, 41 per cent of consumers are uncomfortable with websites tracking their location and online activities, yet do nothing about it. The findings demonstrate a concerning lack of cyber-savviness amongst consumers about how to protect their privacy online.
Our habitual online activities like shopping, chatting and travelling are all recorded and stored by different services. Online merchants, for example, use consumer browsing data to tailor their ads to suit user preferences. Access counters, web analytics tools and social networks also all constantly watch Internet users; track what they do online and where they are when they do it.
Even if they have nothing to hide, consumers are disturbed by the thought that large volumes of information about them could be stored, sold to third parties, or even accidentally leaked to the wider – and potentially malicious – online community. The majority of users (79 per cent) do not like being tracked, yet 41 per cent do nothing to protect themselves. When questioned, a concerning one-in-ten (nine per cent) were even unaware that tracking took place at all.
David Emm, principal security researcher at Kaspersky Lab says, “Consumers are uncomfortable with the fact that their online activities are being tracked. And who can blame them? With tracking data, it’s possible for advertisers, or even malicious third parties, to peer into the life of a person – from where they go, to the sites they browse. However, the crux of the problem is that many users simply aren’t cyber-savvy enough when it comes to protecting themselves from online tracking. They may be concerned, but do nothing about it. Even worse, they may not understand that they are putting their privacy at risk at all.”
With just a quarter (27 per cent) of consumers using a privacy mode in their browser and eleven per cent using a special plugin for privacy, there is more work to be done before all consumers have their privacy protected.
There are several steps cyber-savvy consumers can take to ensure their privacy online:
- Firstly, change some browser settings – e.g., disable automatic add-on installation, block suspicious web sites and pop-ups, make SSL certificate checks compulsory and block third party cookies.
- When installing new free software, untick the boxes that let the software install additional toolbars, plugins and extensions. Otherwise these can – absolutely legally – be used to collect consumer data.
- Use HTTPS sites wherever possible. HTTPS means that the traffic is encrypted. Avoid using mail providers, social networks or ecommerce sites without an HTTPS connection.
- Use two different browsers – one for primary online services (social networks, web mail, productivity tools, ecommerce), and one for web surfing, so that online activity cannot be matched to an individual user’s identity.
- Use VPN traffic encryption.
- Finally, use special private features such as the Private Browsing feature in Kaspersky Internet Security or Kaspersky Total Security, which removes user information from the Internet traffic, allowing users to browse in privacy.
David Emm is Principal Security Researcher at Kaspersky, a provider of security and threat management solutions.
David joined Kaspersky in 2004. He is a member of the company's Global Research & Analysis Team (GReAT) and has worked in the anti-malware industry since 1990 in a variety of roles, including that of Senior Technology Consultant at Dr Solomon's Software, and Systems Engineer and Product Manager at McAfee.
In his current role, David regularly delivers presentations on malware and other IT security threats at exhibitions and events, highlighting what organisations and consumers can do to stay safe online. He also provides comment to broadcast and print media on the ever-changing cyber-security and threat landscape. David has a strong interest in malware, ID theft and the human aspects of security, and is a knowledgeable advisor on all aspects of online security.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.