Fear of online crime inhibits online commerce - EU survey

But only half of Europe's internet users have anti-virus software

A European Union-wide survey of internet users has found a widespread distrust of online commerce, with more than one in 10 users claiming that they have been the victims of online fraud, and eight per cent claiming that they have suffered identity theft.

That is the conclusion of a new Eurobarometer survey of almost 27,000 people across the EU.

However, there were a number of contradictions. For example, while nine-tenths of respondents say that they avoid disclosing personal information online, more than half use social networking sites. Furthermore, despite the distrust, one-fifth of Europeans use the internet to sell goods or services.

Other key findings of the survey were:

* 53 per cent of internet users say they buy goods or services online and 48 per cent bank online;
* 29 per cent are not confident about their ability to use the internet for things like online banking or online purchases;
* 59 per cent do not feel well informed about the risks of cyber crime;
* 40 per cent are concerned about someone taking or misusing their personal data; and,
* 38 per cent express concern about the security of online payments.

The UK-specific numbers, meanwhile, which covered 1,305 respondents, demonstrate greater confidence, with 58 per cent of responses claiming that they feel "well informed" about the risks of cyber crime, compared to 38 per cent across the EU as a whole.

However, that also meant that UK respondents were less likely to have changed their passwords in the past 12 months for such activities as web-based email accounts, shopping websites and even the online banking websites that they use.

"The UK-specific statistics in the EU survey show a population that embraces transacting online, while remaining very concerned about security, particularly around payments. However, there is a gap between perception and action. The UK ranked among the highest in the number of people saying they were very well or fairly well informed about online security," said André Stewart, President International at Corero Network Security.

He added: "However, fewer than half – slightly below the EU average – have installed anti-virus software, and less than 40 per cent avoid opening emails from people they don't know. The results of the survey point to the fact that people need to take security measures that are commensurate with their concerns."

The fact that only about half of respondents – in the UK and across Europe – had installed anti-virus software is especially worrying, given that such basic security software from AVG, Avira and Microsoft can be freely downloaded.

[Turn to next page]

Fear of online crime inhibits online commerce - EU survey

But only half of Europe's internet users have anti-virus software

Counter-attack
In response, the European Commission is establishing the European Cybercrime Centre (EC3), which will open its doors in January 2013.

This will be part of Europol, the centralised European Union anti-crime organisation, and be based in The Hague in the Netherlands.

According to the EU: "The centre will seek to find ways to better protect social network profiles from e-crime infiltration and provide information and analysis to national law enforcement authorities. This will enable them to assist in the fight against online identity theft, child sexual abuse and exploitation and cyber-attacks affecting critical infrastructure and information systems in Europe."

EC3 will comprise a cyber crime lab, and will employ 30 full-time staff. It will liaise with EU member states who will contribute experts to the centre. As part of the development of the centre, contacts are being established with national cyber crime units in law enforcement as well as with cyber security and anti-virus software vendors in the private sector.

The establishment of EC3 follows a September 2010 proposed directive to deal with online crimes, such as large-scale cyber attacks. It proposes the criminalisation of creating and selling malicious software and improved pan-European co-operation against online crime. The directive would also introduce higher criminal sanctions for online crime.

Finally, the European Commission and the European External Action Service (EEAS) – the European Union's nascent foreign relations department – are currently preparing a "European strategy for cyber security".

This will outline a comprehensive approach to cyber security across the EU, which will require the involvement not only of public authorities, but will also co-opt the private sector.

"The strategy will have to address a variety of policy fields that can be adversely affected by cyber security risks and threats. It will encompass measures addressing, among other things, infrastructure protection and cybercrime as well as external aspects such as the role of cyberspace in democratic movements and capacity building in third states," said the European Union in a statement.