One in five British adults have had their email or social media account hacked, but it is bank details that most fear losing and the vast majority want at least three security steps to protect their accounts, according to Equifax.
The credit reporting company polled over 2000 British adults in February and found that 81% were most worried about bank account details being stolen and used for fraud, followed by debit/credit card PINs (72%), passport (60%), and driver’s licence (46%).
What’s more, 60% claimed that less than three security steps was insufficient to protect their account. Such steps could include entering a password, using a card reader or entering letters from a memorable word.
However, it could be that some forms of multi-factor authentication (MFA) are stronger than others, after news emerged last week of a weakness in the SS7 mobile communications protocol which has been actively exploited by hackers to drain the funds of German account holders.
O2-Telefonica confirmed that an unspecified number of its customers had been attacked in this way.
The crafty hackers apparently exploited the SS7 vulnerability to redirect banking one-time passcodes sent by SMS, allowing them to confirm transfer of funds from online bank accounts they’d previously hacked.
John Marsden, head of ID and fraud at Equifax, explained that while many banks already use 2FA, it’s often hidden from the user.
“As account hacking remains an issue, it’s no surprise that loss of financial details is a top concern for consumers, who increasingly demand higher security to protect their money,” he added.
“While there is a need for financial providers to reassure consumers of the precautions being taken to defend against fraudsters, it is also clear that the addition of more visible layers of security can play a vital part in assuring consumers that their finances are secure.”
Interestingly, the research also found an increasing number of young ‘netizens’ are responding to account hacks in a rather extreme manner.
Of the 21% that said their social media or email account had been hacked in the past, 20% said they responded by closing that account down completely, rather than changing their log-ins (81%).
However, 39% of those in the 18-24 bracket said they closed their account, versus 18% of 35-44-year-olds and 12% of over-55s.