U.S. consumers lose more than $7 billion on on-line threats

August 6, 2007

A million victims lost money to e-mail “phishing” scams in the past two years; CR Ratings of online protection software & tips for staying safe online

YONKERS, NY — The risks associated with using the Internet remain high according to Consumer Reports’s latest “State of the Net” survey. Consumer Reports projects that U.S. consumers lost more than $7 billion over the last two years to viruses, spyware, and phishing schemes. Additionally, the “State of the Net” survey shows that consumers face a 1 in 4 chance of becoming a cybervictim, a number that has slightly decreased since last year.
The number of consumers responding to e-mail phishing scams has remained constant at eight percent. Consumer Reports projects that one million U.S. consumers lost billions of dollars over the past
two years to such scams.
Many underage youngsters are at risk on social networks such as MySpace and Facebook, the survey found. In households surveyed with minors online, 13 percent of the children registered on MySpace were younger than 14, the minimum age the site officially allows, and three percent were under 10. And those were just the ones the parents knew about.
Based on the survey, Consumer Reports projects that Americans spent at least $5 billion for computer repairs, parts, and replacement over the past two years to correct problems caused by viruses and spyware.
The 2007 “State of the Net” survey was conducted by the Consumer Reports National Research Center among a nationally representative sample of more than 2,000 households with Internet access. Consumers can visit http://www.ConsumerReports.org to access the full “State of the Net” report including free tips related to online protection, avoiding viruses, and reporting cybercrimes.
Among CR’s key 2007 “State of the Net” findings:
Based on survey projections, virus infections prompted an estimated 1.8 million households to replace their computers in the past two years and 850,000 households to replace computers due to spyware infections in the past six months. Additionally, 33 percent of survey respondents did not use software to block or remove spyware. And CR projects that 3.7 million US households with broadband remain unprotected by a firewall.
Spam: Consumer Reports’ survey respondents have reported a lower proportion of
spam reaching their Inbox than in the past, which CR believes is a result of better spam-blocking. Survey results indicate that about 650,000 consumers ordered a product or service advertised through spam in the month before the survey. Additionally, in 5 percent of the households surveyed that had children under 18, a child had inadvertently seen pornographic material as a result of spam; that’s three percentage points lower than last year.
Viruses: Virus infections held steady since last year according to CR’s survey. CR notes that this is actually a mark of progress for consumers and software makers, because the threats have become more challenging. In the latest survey, 38 percent of respondents reported a computer virus-infection in the
last two years. Seventeen percent of respondents didn’t have antivirus software installed.
Spyware: In the past six months, 34 percent of respondents’ computers were exposed to
a spyware infection. CR’s survey also reveals that although spyware infections have dropped, the chances of getting one are still 1 in 3, and of suffering serious damage, 1 in 11.
Phishing: Eight percent of respondents submitted personal information in response to conventional phishing e-mails in the past two years, a number that has remained unchanged over the past two years. However, the median cost of a phishing incident decreased substantially since last year to $200. Yet
scammers’ tactics are improving – e-mail looks like it comes from a reputable business such as a bank and features better grammar, more believable stories, and more authentic-looking Web addresses.
Consumer Reports rates security suites
Consumer Reports tested nine security suites, four of which are Quick Picks that protect against viruses, spyware, and spam as effectively as the best stand-alone products.
Security software was tested both in-house and in an independent research laboratory. CR tried as much as possible to emulate the conditions programs actually face on the Web by using real malware, including viruses that are slightly modified versions of those found online, and spyware that was actually harvested from the Web. CR took extraordinary measures to ensure that these threats were contained in the labs.
CR’s tests found that a security suite from Trend Micro, $50, excelled in every category and even with its $50 yearly renewal cost, it offers fairly inexpensive all-around protection for as many as three computers. It scored “Excellent” in CR’s Ratings for its antivirus, antispyware and antispam capabilities. Other Consumer Reports Quick Picks include a security suite from Check Point and two from McAfee. Check Point’s ($50) antispam protection was first-rate and its annual renewal rate is $15 less than Trend Micro’s.
Both products from McAfee, Total Protection 2007 ($80) and Internet Security Suite 2007 ($70) combine high performance and ample features, including a file-back-up utility, and offer an integrated security solution. The lower-priced suite is the better buy for consumers who don’t need a Wi-Fi monitor. The best of the free software available online did not perform quite as well in CR’s tests as the best for-pay programs. The best for-pay programs offered the greatest margin of security against any or all online threats in CR tests. However, no-cost programs are worth considering as supplementary protection or even as primary protection if consumers practice safe computing.
Ratings of stand-alone security software are available in the CR’s full report and online at http://www.ConsumerReports.org.
Tips to stay safe online
The September issue of Consumer Reports includes tips on the best way a consumer can stay safe online:
Activating protection. Consumers should turn on their operating system’s firewall, spam blocker, or other built-in security application if it has one. Also activate spam filtering and other online protection provided by an Internet Service Provider (ISP) or email service.
Shutting down. Turning off the computer when not using it for long periods (or at least
disconnecting the Internet cable) can reduce the chance that a malicious remote computer will access it.
Using public computers with care. Consumers should not conduct financial or other
personal business on computers at libraries, hotels, or airports. The same goes for using a personal computer on a public wireless network.
Considering Mac. Although Mac owners face the same problems with spam and phishing as Windows users, they have far less to fear from viruses and spyware. Because Macs are less prevalent than Windows-based machines, online criminals get less of a return on their investment when targeting them.
Watching downloads. The myriad of free utilities, games, and other software on the Internet can be useful, but many are laden with viruses and spyware. Stick to downloads from well-known manufacturers or trusted sites.
The full report is available in the September issue of Consumer Reports. It also features Ratings of 13 laptops and 9 desktops and a first look at Intel’s new Centrino Duo mobile technology.
— 30 —

Lauren Hackett (914) 378-2561 or Melissa M. Calabro (914) 378-2432
lhackett@consumer.org mcalabro@consumer.org
The material above is intended for legitimate news entities only; it may not be used for commercial or promotional purposes. Consumer Reports® is published by Consumers Union, an expert, independent nonprofit organization whose mission is to work for a fair, just, and safe marketplace for all consumers and to empower consumers to protect themselves. To achieve this mission, we test, inform, and protect. To maintain our independence and impartiality, CU accepts no outside advertising, no free test samples, and has no agenda other than the interests of consumers. CU supports itself through the sale of our information products and services, individual contributions, and a few noncommercial grants.