86 percent of Australians are at risk from online fraud, with users failing to spot the difference between a fake website and a real one.
Click to enlarge
|Which website is fake?|
The survey asked more than 8,000 respondents across nine countries to “spot the difference” between real and fake Web sites from VeriSign’s recently launched the Phish or no Phish challenge. The findings showed the vulnerability of Internet users globally.
Scare tactics by fraudsters remains an effective form of phishing for Australian consumers. Despite targeted education efforts by banks and online retailers alerting customers not to share their personal information online, almost a quarter (23%) of Australians still fall into this trap.
VeriSign Asia Pacific’s Director – Authentication Services, Armando Dacal said “Our research tested the applicability and understanding of a variety of phishing methods Australian consumers need to be aware of. Sneaky strategies such as imitation Web sites that try and phish your personal details have been shown to work across all demographics, particularly on the age group 45- 54 years.”
The research revealed that 45 – 54 year olds were 25 percent less likely to spot a fake Web site than other age groups. Different age groups were susceptible to different forms of scams; the over 65 year olds are more than twice as likely to fail to check that they are entering their details into a site that has the correct URL, with 43 percent failing to pick up the inaccurate URL addresses. This statistic compares to 16 percent of the savvier 18-24 year olds who performed strongly on this point.
The younger age group, however, is more likely to respond to scare tactics to give away their personal details with more than a quarter (26 percent) failing to identify the fake phishing Web site. Across the board, spelling mistakes were overlooked as being a clear indicator of a fake Web site, with 87 percent of respondents missing the obvious errors that would never be found on a valid company site.
VeriSign has compiled its Top five tips to distinguish a real site from a phishing site.
Consumers should check whether or not a site is genuine and is taking measures to protect their personal details by looking for the following:
- https:// The “s” in https:// means the site is encrypted, so the information you enter is secured. While some phishing sites do have a secured Web address, many do not. Therefore, site visitors should be on the lookout for missing security on sites that should have it.
- The padlock icon: To be meaningful this icon must appear in the actual browser interface and not inside the content of the page itself.
- Trust marks: Simple visual cues in the form of popular logos can show that a Web site is authenticated, secured, and the company is reputable.
- Check the Web address: Be suspicious of any site with an unknown domain that contains the name of a well known site in the latter part of the Web address.
- Green address bar: This signifies that this site has undergone extensive identity authentication so that you can be confident it is the site it claims to be.
To take the phishing site test, visit www.phish-no-phish.com