Kiwis 'naive' about cybersecurity

Smartphone users are increasingly being targeted by cyber attackers. Photo / Getty Images

The Kiwi "she'll be right" attitude is leading to an increase in cybersecurity attacks as mobile and social media users download free apps and share links without checking privacy and security policies, according to a report.

The internet security threat report by Symantec, maker of Norton AntiVirus, showed a quarter of mobile users did not know what they had agreed to give access to on their phones when downloading an application, and 66 per cent said they were willing to trade their privacy for a free app.

Symantec technology strategist Mark Shaw said such user attitudes were becoming a problem.

"It's definitely a 'she'll be right thing', we're a nation of oversharers, we inherently trust everybody and we're perhaps a little naive when it comes to internet security," Shaw said.

"We embrace technology, we're very active on social media, and with mobile uptake and lots of these areas, however, perhaps some of the best practices that we should be applying around security just haven't been there," he said. "So that does make us a target."

New Zealand had the fourth-highest number of cyber attacks in the Asia Pacific region last year and a higher than normal number of social media scams such as manual sharing - which accounted for 76 per cent of sharing scams - where family and friends were sharing links without realising what they were, particularly when a link was offering an incentive such as vouchers or video content.

"It often takes them through to a link for a survey asking for personal information or login details before you receive the voucher or video," Shaw said. "Scammers are paid a certain amount of money for the traffic they can drive to that survey, and in all of these cases you never get the voucher or the video or anything because it never existed."

The report also found smartphones were becoming an increasingly popular target for cyber attacks.

Symantec found 52 per cent of health apps had no privacy policies in place, and 20 per cent sent personal information, logins and passwords through an app's database in clear text with no encryption, something Shaw said made it an easy target for accessing other devices as well.

"Mobile is not usually self-propagating, users need to accept the software but once it's on there, the attacker has potentially access to a range of different things," he said. "They can see different applications and data on the phone, they can access devices on the phone and other things, so users need to be aware of that."

Tips for cybersecurity

• Make sure you're using not just strong passwords but unique ones.
• Use longer passwords - sentences are good.
• Check permissions and privacy policies before downloading an app.
• Always change default log-in details and passwords.
• Keep passwords updated.
• Use security software and make sure it's up to date.
• Don't click on suspicious links even if posted from friends or family.

See the Symantec research here: