A survey commissioned by online payments company, PayPal Australia, has revealed that some Australians don't know the number of websites holding their personal information and many are using the same passwords across multiple accounts, much to the alarm of security experts.
Conducted with 500 participants, the survey found that despite 75 per cent of respondents being concerned about the information they shared online, almost 50 per cent didn't know how many sites held their personal details. The research also found that almost half of respondents had their details stored across more than five accounts and 60 per cent of consumers admitted using the the same password across multiple accounts.
“In addition to the more obvious places, such as social networking sites and online bank accounts, Australians are also sharing their personal information everywhere from newsletters and online shopping sites to recruitment services and real estate websites,” said PayPal Australia managing director, Frerk-Malte Feller, in a statement.
According to Feller, losses reported to the Australian Competition and Consumer Commission (ACCC) from cybercrime totalled more than $63 million in 2010.
He urged Australians to audit and keep track of their online profile and monitor the trail of personal and financial information they leave online.
“Personal information provided to a daily newsletter will be far less secure than information provided online to a financial institution,” Feller said.
“Once a cybercriminal has access to your password on one online account, they could quickly build up a profile of personally identifiable information, which could be used to steal anything from savings to entire personal identities.”
His comments echo those of Sophos' Asia Pacific managing director, Rob Forsyth, who told Computerworld Australia this week that if a breach has occurred in one place, and someone has shared a password across many different applications, they were effectively opening themselves up to the "weakest link" to the chain.
As a result of the survey's findings, PayPal has developed some tips for safely sharing information online, including:
- Completing an audit of where details are held online and cull anything that is unnecessary.
- Think twice before entering details online and never click ‘remember my details’ on sites.
- Read the terms and conditions available on sites before entering details, and understand how details will be used and shared.
- Beware of phishing emails. Be wary of clicking on links in emails to log into online accounts. When in doubt, always open a new browser and type in the URL of the company’s website and then enter personal information.
Got a security tip-off? Contact Hamish Barwick at hamish_barwick at idg.com.au
Follow Hamish Barwick on Twitter: @HamishBarwick
Follow Computerworld Australia on Twitter: @ComputerworldAU
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.