The COVID-19 pandemic has helped spread another contagion – a rapid increase in cyber scams, attacks and fraud targeting vulnerable consumers and businesses across the globe. The FBI recently reported that it has started seeing about 3,000 to 4,000 complaints a day through its internet portal, up from about 1,000 complaints pre-coronavirus. The Federal Trade Commission reported that from January to April 2020 it received more than 18,000 fraud reports just related to COVID-19, with 46 percent reporting a financial loss. Losses from coronavirus-themed fraud alone in 2020 are approaching $13.5 million.
As COVID-19 has transformed the way people around the world are working, employers want to know how savvy their workforce is on common cybersecurity risks and what practices they follow to protect their home networks. To address these important questions, CyberScout in early February 2020 surveyed more than 1,000 US full-time workers and then conducted a follow up survey in early May 2020 of 250 US full-time workers to confirm if behaviors had changed since the onset of remote work and shelter-in-place orders. The survey revealed that the workforce is more concerned about cyber risks than they were early this year, and that many Americans are still not adopting basic cybersecurity best practices.
Just prior to widespread stay-at-home orders, most Americans were not aware of the prevalence of identity theft and were not aware that cybercriminals would seize on the coronavirus topic to attack millions across the globe.
- (52 percent) did not believe it was likely they would become a victim of identity theft in the next three years.
- 55 percent believed it was somewhat or very unlikely their financial accounts would ever be hacked.
Now, with widespread stay-at-home orders in place and an increase in reported fraud nationwide, Americans have been much more aware of the cyber risks and likelihood of attack.
- More than 57 percent of respondents now believe it is very or somewhat likely they will become a victim of identity theft (16 percent increase) in the near future.
- 55 percent now believe it is somewhat or very likely they will fall victim to financial account hacking (22 percent increase) in the near future.
Americans are experiencing a significant increase in concern about financial account hacking.
- 20 percent of Americans believe it is very likely they will experience financial account hacking in the near future.
Post-pandemic, use of stronger passwords is the top behavior change a majority of Americans are following.
- More than half (52 percent) of respondents noted they are using strong passwords since the onset.
Despite this improvement, less than half of the American workforce is keeping software updated and only 25 percent are using a VPN to strengthen home network security which is a risk to businesses during the shelter in place order.
- 42 percent are keeping software updated.
- 25 percent are using a virtual private network to strengthen home network security.
“Consumers and businesses were under siege from cyber threats before the pandemic, but lack of awareness combined with a sense that there was little they could do to stop sophisticated hackers and identity thieves caused millions of Americans to not take cybersecurity seriously,” said Jennifer Leuer, Chief Executive Officer, CyberScout. “Enter COVID-19 and criminals are abusing any and every angle they can to steal federal relief funds, divert tax refunds, compromise business systems or con consumers out of money. In the cybersecurity community we continue to struggle with a ‘it won’t happen to me’ mentality from businesses and consumers alike, but COVID-19’s cyberthreat landscape has proven how important it is for people to protect themselves.”
– Jennifer Leuer, Chief Executive Officer, CyberScout