Overconfidence among users helped hackers net $172 billion last year

Despite the fact that large-scale cyber-attacks are receiving more global media coverage than ever before, consumers’ overconfidence in their everyday cybersecurity practices helped hackers steal $172 billion in 2017, a new report indicates.

The WannaCry outbreak, hacks against Equifax and Uber, and reports surrounding the dangers of insecure IoT devices made waves around the world last year, but according to the latest Norton Cyber Security Insights Report from Symantec, these high-profile attacks have done little to convince consumers of the need to improve their cybersecurity posture.

According to the report, which covers 20 of the world’s biggest economic markets, 978 million people fell victim to a hack last year. And while targeted attacks such as spear phishing are becoming more frequent, Symantec said everyday consumers remain most at risk.

Interestingly, while those who have experienced a hack over the past 12 months emphasized the importance of online security more than non-victims, this group of individuals are more likely to “contradict their efforts” through simple missteps.

“Consumers’ actions revealed a dangerous disconnect: Despite a steady stream of cybercrime sprees reported by media, too many people appear to feel invincible and skip taking even basic precautions to protect themselves,” said Fran Rosch, executive vice president of Symantec’s consumer business unit.

“This disconnect highlights the need for consumer digital safety and the urgency for consumers to get back to basics when it comes to doing their part to prevent cybercrime.”

Although consumers reported increased take-up of new security techniques, such as fingerprint ID and two-factor authentication, 20% of cybercrime victims continue to use the same passwords across all online accounts, and 58% shared at least one device or account password with others.

With the frequency of high-profile cyber-attacks only expected to grow over the coming year, Symantec urged consumers to adopt and maintain good cybersecurity, including the use of strong, phrase-based passwords and two-factor authentication.

The California-based security group also warned people against using public WiFi networks to access personal information and think twice before opening unsolicited messages or attachments.