page 1

F R A U D R E P O R T

CYBER SECURITY AWARENESS: HOW ONLINE BEHAVIOR PUTS CONSUMERS AT RISK

October 2013

October marks the launch of National Cyber Security Awareness Month in the United

States, a time for the public and private sectors to come together to promote online

awareness about how to stay safe online. Last year, RSA launched the Online Identity Risk

Calculator in conjunction with the National Cyber Security Alliance (NCSA) to provide an

interactive tool for consumers to see how the activities they perform online could put

them at risk for identity theft and other cyber threats.

In the last year, we have received over 14,500 responses from consumers in more than

170 countries. Following are some of the highlights:

– 67% of consumers access their online banking account at least once a week

– 83% of consumers make a purchase online once a month or more often

– 95% of consumers access one email account on a regular basis

– 40% access three or more email accounts on a regular basis

– 77% of consumers access social networking sites on a regular basis

– 74% of consumers have downloaded apps to a mobile device within the last year

– 37% of consumers visit online gaming sites once a month or more often

– 35% of consumers have been infected with a Trojan in the last year

So why are these statistics so important? Well take for example that 3 out of every 10

phishing emails are targeted at social networking sites1. When you consider that more

than three out of every four consumers uses a social networking site on a regular basis,

it makes the net that phishers are able to cast much wider.

1 Kaspersky Security Bulletin: Spam Evolution 2012

page 2

What respondents also indicated is that there is still potential for improvement when it

comes to consumer awareness and education. Among respondents, 29% of consumers

stated they update their anti-virus software less than twice a year and 60% check their

credit reports once a year or less often. While these numbers don’t necessarily suggest

consumer education is lacking, they do suggest that consumers might not be aware of

the simple things they can or should be doing to protect their identity online.

For more information on the Online Identity Risk Calculator, visit www.emc.com/

fraudgame.

page 3

Phishing Attacks per Month

RSA identified 46,119 phishing attacks

launched worldwide in September,

marking a 36% increase in attack volume

from August.

0

10000

20000

30000

40000

50000

Sou

rce:

RSA

Ant

i-Fra

ud C

omm

and

Cent

er3544033768

41834

29581 3015127463

2434726902

3696635831

45232

33861

46119

Sep 12

Oct 12

Nov 12

Dec 12

Jan 13

Feb 13

Mar 13

Apr 13

May 13

Jun 13

Jul 13

Aug 13

Sep 13

US Bank Types Attacked

U.S. nationwide banks remained the most

targeted with 60% of phishing attacks

targeted at that sector in September.

0

20

40

60

80

100

Sou

rce:

RSA

Ant

i-Fra

ud C

omm

and

Cent

er

9% 9% 12% 6% 15% 8% 17% 15% 8% 11% 11% 11% 14%

14%14%

9%15%

15% 23%

23%

12% 19% 13% 15% 23% 26%

77% 77% 79% 79% 70% 69% 60% 73% 73% 76% 74% 66% 60%

Sep 12

Oct 12

Nov 12

Dec 12

Jan 13

Feb 13

Mar 13

Apr 13

May 13

Jun 13

Jul 13

Aug 13

Aug 13

page 4

Top Countries by Attack Volume

The U.S. remained the most targeted

country in September with 50% of the total

phishing volume while Germany saw a

striking 20% increase in attack volume –

up from 11% in August.

UKGermanyChinaCanadaSouth KoreaAustraliaa

United Kingdom 5%

U.S. 50%

Netherlands 2%

South Africa 2%

India 2%

Germany 31%

47 Other Countries 7%

MalaysiaBrasilIndiaNetherlandsCanadaItalyChinaS AfricaUS

Top Countries by Attacked Brands

In September, 28% of phishing attacks

were targeted at brands in the U.S.,

followed by the UK, India and Brazil.

Top Hosting Countries

About four out of every ten phishing

attacks were hosted in the U.S. Canada

saw a decrease in hosted phishing

attacks – from 14% to 6% in September. U.S. 42%

48 Other Countries 23%

Canada 6%

France 4%

Germany 6%

Brazil 3%

United Kingdom 4%

Russia 4%

Colombia 4%

Netherlands 5%

MalaysiaBrasilIndiaNetherlandsCanadaItalyChinaS AfricaUSa

United Kingdom 13%

44 Other Countries 33%

U.S. 28%

Canada 3%

South Africa 3%

China 3%

Australia 3%

France 4%

Brazil 4%

India 7%

www.emc.com/rsa

CONTACT USTo learn more about how RSA products, services, and solutions help solve your business and IT challenges contact your local representative or authorized reseller – or visit us at www.emc.com/rsa

©2013 EMC Corporation. EMC, RSA, the RSA logo, and FraudAction are trademarks or registered trademarks of EMC

Corporation in the U.S. and/or other countries. All other trademarks mentioned are the property of their respective

holders. OCT RPT 1013