The IT Nerd

While online privacy and security are a concern of nearly two-thirds of Americans, usage of Virtual Private Networks (VPNs) has declined to 32% of U.S. internet users.

That’s down from 46% last year and 39% the year prior, according to annual research by Security.org. VPN usage by U.S. businesses also dropped to just 8% from 13% a year ago.

Why? Consumers face barriers like low awareness, unclear benefits and cost, while businesses grapple with VPN vulnerabilities, rising ransomware attacks and the shift to zero-trust security frameworks.

Security.org also found:

• 37% of users turned to VPNs to reduce tracking by search engines or social media platforms, and nearly 1-in-4 used VPNs to access International streaming content
• Most popular VPN brands in the U.S. are NordVPN, Proton VPN and ExpressVPN
• Despite security risks, 28% of users rely on free VPNs
• VPN usage was most prevalent among those 18-29, with almost 40% reporting regular use

Full details at: https://www.security.org/resources/vpn-consumer-report-annual/

Even as Americans embrace AI, crypto, and smart home devices, new research shows that many are still ignoring basic cybersecurity best practices. According to new research from Security.org, 1-in-4 U.S. adults still write down their passwords on paper, and nearly 1-in-5 reuse the same passwords across multiple accounts.

These risky behaviors come at a significant cost. The FBI reports that identity theft and stolen login credentials cost Americans over $12.5 billion last year. Despite these rising threats, Security.org’s Annual Password Manager Market Report found that only 36% of U.S. adults (about 94 million people) currently use password manager services.

Here are some other key findings from the new research: 

• Over half of adults use risky methods like memorization, browser storage, and written records to manage their passwords. These people were more likely to have experienced recent identity theft compared with those who use password managers. 
• LastPass was once the most popular password tool but is still struggling to regain public trust and market share after several data breaches and a recent customer service scam.
• Tech giants like Google and Apple now dominate the password manager market, with 55% of users relying on their proprietary tools.
• Over 75% of non-users say they are open to adopting password managers if it offers the right combination of usability, security, and affordability.

Full details at: https://www.security.org/digital-safety/password-manager-annual-report/

Although some experts argue it is archaic, and tools like Kaspersky have recently increased security risks for users, 121 million Americans (46 percent) rely on antivirus technology.

Another 17 million plan to adopt in the next six months, leveraging both paid and free third-party antivirus software from providers like Norton and McAfee, among others.

Meanwhile, 54 percent rely on built-in antivirus protections (or none at all) on their devices, from the likes of Apple and Microsoft.

Security.org’s report also found:

• Seventeen percent of adults run antivirus programs on their mobile phones
• Americans aged 65 or older are twice as likely to pay for antivirus as those under 45
• Norton Antivirus remains the top choice for paying customers, while McAfee is the most popular free program
• About three percent of antivirus users were running Kaspersky software before the U.S. government banned sales last month
• Antivirus use for cryptocurrency transactions has increased in the past two years, while the need to secure remote working connections has dropped by half

To read the new annual antivirus report by Security.org visit: https://www.security.org/antivirus/antivirus-consumer-report-annual/

Americans are increasingly concerned about the exposure of their personal data online. Despite these worries, new research from Security.org revealed only 6 percent of U.S. adults currently utilize data removal services. 

This underscores a significant market opportunity, one that has prompted major players such as Mozilla and DuckDuckGo to introduce their own services this year. Security.org found that 26 million more users could adopt data removal services in the next 12 months, a 90 percent increase.

The new Security.org research also revealed:

• About 14 million U.S. adults currently rely on data removal services to increase privacy and prevent their information from being bought and sold by data brokers
• Early adopters were interested in clearing personally identifying information from the web, thus reducing their risk of identity theft and the number of robo-calls they receive
• Fifty-three percent didn’t know what a data broker was, and more than half of consumers weren’t even aware that data removal services existed
• 40 percent of Americans were unaware of that data brokers sometimes sell their data to the U.S. government, which uses it for law enforcement, immigration, and homeland security purposes

Complete details at: https://www.security.org/resources/data-removal-service-usage-study/

Even as Americans continue to overshare on social media, 46 percent (or as many as 105 million) are using virtual privacy networks (VPNs) to encrypt Internet traffic, up 39 percent from last year.

New research shows 95 percent of adults are now familiar with VPNs and as many as 10 million could begin using them in 2024, according to Security.org’s annual VPN market research. Key findings include:

• The most popular VPNs were NordVPN, Proton VPN, and Google One VPN, which has surged in popularity since Google began offering it free with cloud storage subscriptions and Pixel 7 phones last year
• About half of all users rely on VPNs for work or business applications, and an equal number use them on personal devices
• Nearly 40 percent of users rely on VPNs to prevent tracking from search engines or social media sites
• Despite the risks, about 43 percent of users have free VPNs, which can jeopardize data security

You can read the full report here.

Password managers are now employed by 79 million Americans to protect and access logins across the web, according to new research. Now, more than one-in-three in the U.S. use one – up significantly from one-in-five a year ago.

In their third annual research report, Security.org also found that 10 percent of adults now use security keys to protect their credentials, as the use of multi-factor authentication (2FA/MFA) gains traction.

What else did Security.org find from its annual analysis of the password habits of more than 1,000 Americans?

• Google and Apple password managers, built into their devices and browsers, now account for one-half of the market and are more popular than any other password management tools
• Despite the rise in secure password management strategies, 41 percent of online account holders still rely on memorization to track their passwords, and 25 percent save passwords on their devices in unencrypted files or notes
• More than one-in-four password manager users jeopardize their personal data by reusing master passwords elsewhere; people who engage in this unsafe practice are more likely to have experienced recent identity theft
• Seventy-one percent of those without password managers are open to signing up for services in the future, signifying the market is far from saturated

Full details can be found at: https://www.security.org/digital-safety/password-manager-annual-report/

Use peer-to-peer (P2P) payment services, like Venmo or Zelle? Seventy-six percent of Americans do. And new research finds someone has scammed or attempted to scam 68 percent of users this year, up from 42 percent two years ago.

Conducted by Security.org (https://www.security.org), the research also identifies more than a dozen other internet scams consumers need to be aware, including in-and-around cryptocurrency, online gaming, social media and student loan forgiveness, just to name a few.

In addition, the research includes tips on how to spot and stop fraudulent activity online and protect personal data.  Here are the latest statistics from Security.org’s research on new online scams:

• One-in-four cryptocurrency owners have been targeted by scams; most often, victims lost money when they thought they were sending cryptocurrency to a well-known figure in the crypto space
• 37 percent of gamers have been the target of a scam at least once; most frequently, clicking on a fraudulent link for free in-game accessories or upgrades
• Malicious links in text messages are on the rise as 66 percent of Americans have received a suspicious text from someone they didn’t know, with about one-in-five clicking on links from senders they did not know
• 22 percent of people bought something on social media that they have yet to receive 

Full details at:https://www.security.org/digital-safety/new-online-scam-prevention/

Even as Apple and Microsoft invest billions in protecting their own devices, 85 percent of American adults are continuing to rely on third-party antivirus software, up from 77 percent a year ago.

That is one finding of Security.org’s annual report on the antivirus market:

Security.org’s latest report also found:

• Nearly three-in-four Americans still strongly believe computers need antivirus to protect their devices
• More than half (61 percent) of antivirus users rely on free programs, such as Microsoft Defender, which comes installed on their PCs
• Only eight percent of free antivirus users experienced a breakthrough virus in the past year, compared to 10 percent of paid users
• An estimated 33 million households pay for antivirus software, many of which include popular features that boost internet security, such as VPNs, password managers, or secure browsers
• Seven percent of people in the study – an estimated 16 million Americans – will be in the market for antivirus software in the next six months

You can read the full report here. I will say that this mirrors a lot of the experience that I have with my home/SMB clients which makes this report worth reading.

Up to 85 percent of identity theft nowadays is synthetic, which means thieves use combinations of real and fake information to take out loans, get credit cards, purchase cars, collect unemployment, and much more. And it’s grown 233 percent over five years. 

Children are uniquely vulnerable, because it’s an amalgamation of different identities (name, Social Security number, etc.) and 86 percent of parents don’t look at their kids’ credit report or other reports that would alert them to fraud – a key reason why the problem is growing and can go undetected for years until the damage is already done.

How can parents protect their kids? Security.org is out with research and tips, including how to notice early indicators and take action quickly to reduce damage.

Key findings include: 

• Only six percent of parents use credit monitoring services to track their children’s credit activity
• Parents feel their children’s data stored in social media, medical records, and school forms were most vulnerable to theft
• Nearly 25 percent of parents weren’t taking any active steps to protect their children’s sensitive data, up from 15 percent in 2020

Parents can find helpful tips to keep their kids safe here: https://www.security.org/digital-safety/synthetic-identity-theft-guide-for-parents/

It’s almost 2023, and nearly two-in-three people still track their passwords by memorization or hand-written notes, according to new research. This, even as identity theft doubled during the pandemic. 

The second annual study by Security.org asked more than 1,000 Americans how they keep track of online passwords and reveals practices most common across those that experienced identity theft in the last year. Not to mention, risky habits of password manager users.

Google Password Manager is the most used tool in 2022, per 23 percent of respondents, up from eight percent last year.

Other key findings include: 

• Web users without password managers are three times more likely to experience identity theft than those who properly use them
• After a massive data breach, LastPass moved from the most popular manager in 2021 to the fourth-most popular in 2022
• Mobile usage of password managers surpassed desktop usage in 2022, with 84 percent of password vault users employing them on their phones

The full research is here: https://www.security.org/digital-safety/password-manager-annual-report/