New research shows Brits still can’t spot phishing websites

Dangerous website

A new research report from the popular VPN NordVPN has found that around two-thirds of British people are unable to identify the typical signs of a phishing website.

Scam sites are growing in number rapidly and posing an ever-greater threat to people when they go online. NordVPN estimates that there are more than a million unique phishing websites operating online right now, and several new sites are created every single minute.

Yet this research shows that Brits lack the vital understanding of how to spot these sites and the phishing emails they use to lure people in. As a result, many will be needlessly losing personal information, and perhaps even money, to the scammers.

The NordVPN National Privacy Test

The findings have come about as a result of NordVPN’s National Privacy Test. This is a global survey aimed at evaluating cybersecurity and online privacy awareness in 175 different countries around the world.

In the UK, around two-thirds (63%) of respondents to NordVPN’s research could not correctly identify all the red flags of phishing websites. While some had no knowledge at all, many others were operating on outdated information, a big problem given that online scammers are constantly innovating.

These days, phishing websites often resemble those of legitimate businesses. Many are exact copies. But they have been set up to trick people into giving away personal and financial information, like passwords or credit card details. Some are also used to spread malware, spyware, and other malicious software as well.

But more than four in five Brits surveyed (85%) said they thought that a padlock icon in a web browser’s address bar meant it was safe. For clarification, it absolutely does not.

It means that the site is encrypted, but anyone can encrypt a site, even scammers. Even worse, this icon is now so outdated Google Chrome is retiring it later this year.

Just over one-fifth of those surveyed (22%) said they would be suspicious of a website that didn’t have a copyright logo at the bottom of a page, despite this having nothing to do with online safety and being an icon every keyboard can generate.

It wasn’t all bad news from a British perspective. Almost three-quarters of British respondents to NordVPN’s survey (72%) knew that if a website’s digital certificate showed a random individual or company name, that would be a warning sign.

Meanwhile, four-fifths (81%) were able to identify poor images or text copy on phishing sites, while a similar number (86%) could spot a suspiciously named web address.

How did Britain place globally?

Despite the fact that NordVPN’s National privacy Test did throw up some very worrying results for Brits, we actually performed pretty well when compared to other countries around the world.

Overall, Britain placed fifth in the test with an average score of 62/100. Top of the pile were Singapore and Poland, with a score of 64/100, while the USA and Germany shared third place with 63/100.

The headline should perhaps be that not a single country around the world managed to score two-thirds or higher on this test. No wonder phishing sites are getting more and more common. But that’s not to say that Brits should be resting on their laurels.

Commenting on the results, NordVPN’s Chief Technology Officer, Marijus Briedis, said, “Despite their respectable placing in the test, these results should give the UK definite cause for concern. As technology advances, cybercriminals have adapted their tactics, making it challenging for the average user to keep up.”

“Many Brits seem off the pace when it comes to their online safety, reliant on ‘old-school knowledge’ and at risk of falling headlong into scams like phishing websites,” he continued.

“It’s important they realise that with the use of biometric identification growing, the value of a strong password is likely to decline over the next few years, and they must up their game in other areas.”

Brits can’t protect themselves when browsing

When it comes to basic online skills, NordVPN’s study found that most Brits acquitted themselves pretty well.

An impressive 95% of UK respondents were able to create a strong password and correctly chose the longest option that combined upper and lower-case letters, numbers and symbols.

A significant nine in ten (91%) know about the importance of hiding personal information on social media, and 85% knew that saving card details on their browser was a potential security risk as well.

But when it comes to browsing online, we didn’t fare so well.

Only one in ten (10%) knew that their Internet Service Provider (ISP) would collect all their data when they go online, and fewer than half (46%) knew that this included email addresses, the websites they visit, their IP address, and details of the length of time they spent online and the device used.

Meanwhile, a similar number (53%) didn’t know that Facebook could still collect information on people who don’t use the site through cookies in other sites that have a Facebook button on them.

Only around a quarter of Brits were aware of ‘juice jacking’, a new scam in which a hacker tampers with a public USB point to steal data from any device that uses it. This means public charging points and shared devices can all be a risk.

How do you think you would fare on NordVPN’s National Privacy Test compared to the average Brit? If you think you can do better, you can have a go right now.

Meanwhile, for anyone who is worried that they didn’t know some or all of the above facts about phishing sites and online security, NordVPN has published a series of tips on how to stay safe and keep your data safe when you are online. Their advice is:

  1. Use strong and unique passwords. Create strong passwords for each of your online accounts and avoid using the same password across multiple platforms. Consider using a password manager.
  2. Use multi-factor authentication (MFA). Implementing multi-factor authentication adds an extra layer of security by requiring users to provide additional verification, such as a one-time code sent to their phone, along with their password.
  3. Update your software regularly. Keeping software, operating systems, and applications up to date is crucial for fixing known vulnerabilities. Regular updates ensure that security patches are applied promptly, reducing the risk of exploitation by cybercriminals.
  4. Always use a virtual private network (VPN). A VPN encrypts your internet connection and helps protect your personal information from prying eyes. It is especially crucial when connecting to public Wi-Fi networks.
  5. Review and adjust privacy settings on social media platforms, mobile apps, and other online services. Limiting access to personal data and choosing the minimum required permissions can help protect privacy.

Here at VPNComapre, we fully endorse all of these points and, with International VPN Day coming up on Saturday 19th August, we are very happy to emphasise the importance of the fourth point in particular.

As NordVPN’s research has shown, both here in the UK and around the world, we are never too old to learn how to stay safe online.

Author: David Spencer

Cyber-security & Technology Reporter, David, monitors everything going on in the privacy world. Fighting for a less restricted internet as a member of the VPNCompare team for over 7 years.

Away from writing, he enjoys reading and politics. He is currently learning Mandarin too... slowly.

Leave a Reply

Your email address will not be published. Required fields are marked *