Phishing is a major cyber threat that endangers not only enterprises but also average users. Even though most people are quite aware of the risks that online money transactions bring, not enough people are properly educated when it comes to phishing.
According to online security experts, phishing may double its negative impact as millions of people (in the UK and perhaps other countries) are currently preparing to complete their tax returns online by the end of January. To cast a light on the dangers brought by phishing emails, a study on 1000 UK citizens has just been conducted, led by Brian Spector, CEO of IT security firm MIRACL.
Phishing emails are quite popular during tax return season
If you consider the tons of sensitive information being disclosed online as we speak, it’s only natural to expect new tricks by cyber crooks. Particularly in the United Kingdom, at least 40% of users have already received a phishing email masqueraded as an official HMRC email.
The troublesome thing is that too many Brits remain unaware to the risks of phishing, especially during tax returns time. Furthermore, 48% of the survey takers are not troubled at all about revealing their personal data. Surely, the lack of fear comes from ignorance – many users have no idea how valuable their personal data truly is.
More results from the survey:
- A prevalent number of the people that took part in the survey believe that online shopping is the biggest threat
- Approximately a third of the survey participants are mostly concerned about online banking;
- Only 14% are anxious about using government services online (filling out a tax return form included).
Strong passwords won’t do the trick
According to the experts that carried out the survey, users’ illiteracy in terms of cyber fraud may come from a sense of security that a stronger password would protect their information. More than two-thirds of the survey participants apply complex passwords which contain combinations of letters and numbers. Now is the perfect time to raise a red flag – usernames and passwords are widely regarded by security experts as an old technology. In other words, contrary to the widespread belief, passwords have little to do with security. Why is that?
Major data breaches have proven the ineffectiveness of passwords
Servers that maintain passwords often fall victims to hacking. As a result, customer data becomes an unsuspecting actor in the next scary data breach. We have seen this scenario play out as planned by cyber criminals way too many times only because of technology stagnation. If you think we are exaggerating, just go through the major data breaches that happened all around the world throughout 2015.
Of course, the continuously growing number of cyber security incidents makes people more apprehensive about their personal and financial data made accessible online. Many users in the UK, and perhaps elsewhere, would feel much better if governmental websites embrace stronger security methods like multi-factor authentication.
Institutions should think of appropriate ways to secure users’ data
In relation to a better online security during tax return season, security experts advise people in the UK to use GOV.UK Verify – a new way to access government services online. Even though the service is still in public beta, users can opt-in to use it while dealing with tax returns online. The server is designed to store no passwords or any other authentication credentials. Instead, users can log in using a five digit PIN code and a software token. If there is no password to be stolen, online services should be much more secure to their customers.
It would be much appreciated by millions of users worldwide if more governments and institutions started thinking about bringing their security to the next level.