IT users' security awareness "out of date"

A hacker

IT users' security know-how is out of date, and poses a risk to their personal data and to their employers.

Furthermore, myths surrounding how malware spreads is leaving organisations vulnerable to hacking and cyber crime, according to international research.

According to G Data's 2011 security survey, 53 per cent of UK computer users believe that most malware spreads via email, whereas in practice, links on websites are now more a common source of malware than infected attachments.

Almost half of UK respondents also thought that peer to peer and "torrent" sites were the most risky, and one in three believed that pornographic website were the most likely to lead to infections.

Globally, more than nine out of ten of those surveyed believed that they would notice a malware infection on their PCs, but, according to G Data, most malware now has no visible effect.

Malware writers prefer to keep their software hidden from view, to maximise the chances of stealing sensitive data from online banking or shopping transactions, or from emails.

"Cyber criminals design, sell and make use of malware that enables them to take control of PCs' computing powers in such a way that users do not notice the infection," said Eddy Willems, G Data's security evangelist.

The report's authors also pointed out that, whilst consumers and business IT users are wary of malware spread by email, they are far less cautious when it comes to their use of social networking sites. A third of respondents trust links on social networking sites, and one in five click on links regardless of whether they know, or trust, the source.

And, despite the growing threat level online, 50 per cent of consumers rely on free anti-virus software alone, and do not use other protective measures such as firewalls. And 11 per cent of users install no security software at all, G Data found.

G Data surveyed 16,000 internet users between February and March 2011, across 11 countries including Germany, France, the UK and the United States.

In the UK, internet service provider Virgin Media recently had to write to customers with infected PCs after the Serious Organised Crime Agency spotted a spate of SpyEye infections.