People are leaving their emails wide open to hackers according to a new survey by our partner Cyber Aware.
Over half of all those surveyed aged 18-25 reuse their email password for other accounts – putting their cyber security and identity at risk.
New research from Experian and Cyber Aware released today (February 21) has revealed that the UK public’s email passwords could be leaving them wide open to hackers – putting themselves at risk of identity theft.
Despite 66% of those with an email account saying they were worried about hackers using their personal information, such as passport details or home address, to steal their identity, more than a quarter (27%) reuse their email password for other accounts, and this goes up to 52% when it comes to 18-25 year olds.
The research highlights the worrying amount of personal information people surveyed keep in their email accounts – what Detective Inspector Mick Dodge, National Cyber PROTECT coordinator with the City of London Police has described as a ‘treasure trove’ for hackers.
Over three quarters (79%) of those surveyed share personal information, such as their address or bank details over email, and of those who did, 67% have not deleted all the items.
More than half (55%) of those sending their passport or driving licence still have it in their sent items, 52% have still got bank or credit card details, 66% mortgage or tenancy agreements and 56% handwritten signatures.
Hackers are able to exploit a weak email password which is why Experian and Cyber Aware are urging the public to take the simple step of having a strong and separate password for their email account to help protect their identity.
Your email account is a gateway to a vast amount of information and hackers can also use your email account to access many of your other personal accounts, by asking for your password to be reset. 55% of those surveyed with an email account have six or more online accounts – from social media to online shopping – with some as many as 21 – so not adopting simple protective measures could have major personal consequences.
Despite these risks only 8% of those surveyed picked improving their online security from a number of ways in which they felt they needed to “reset” their life.
The results form part of Experian and Cyber Aware’s #OneReset campaign which is encouraging everyone to think about the simple resets they can do to make their lives better – from resetting their fitness regime to getting control of their finances – while at the same time taking cyber security more seriously to help protect their identity. Making just one reset to their email password to keep it strong and separate from all other passwords can help protect Britons from the majority of cyber threats.
This taps into a growing desire to ‘reset’ various aspects of our lives – with 83% of people surveyed agreeing they felt they needed to make a reset to their lives. The most popular “resets” are improving fitness, (48%), followed closely by “a healthier diet” on 41% and “getting more sleep” in third on 37%. But those aren’t the only resets those surveyed were keen on pursuing – nearly two fifths (19%) want to reset their careers through a change of job and over one in ten want to reset their dating or love lives.
“People might worry about cyber security but the reality is that doing something about it is often bottom of the list. The UK public need to take action. Your email account is really a treasure trove of information that hackers won’t hesitate to exploit. You wouldn’t leave your door open for a burglar, so why give criminals an open invitation to your personal information? Making one simple reset to have a strong and separate email password can make a big difference and help protect you from being the latest victim of cyber crime. ”
Detective Inspector Mick Dodge, National Cyber PROTECT coordinator with the City of London Police
Cyber Aware ambassador Dr Hazel Wallace said: “Cyber Aware’s new research has revealed the most popular reset people want to make is to their fitness routine. This is essential but when you’re making a lifestyle reset it’s also important to make a reset to your online health as well by using a strong, separate password for your email. Hackers can use your email to access all of your personal information by asking for a reset to your passwords for other accounts.”
Cyber Aware and Experian have the following top tips to better protect your online identity:
- Use a strong, separate password for your email account.
- A good way to create a strong and memorable password is to use three random words. Number and symbols can still be used if needed, for example 3redhousemonkeys27!
- Use words which are memorable to you, but not easy for other people to guess. Don’t use words such as your child’s name or favourite sports team which are easy for people to guess by looking at your social media accounts or simple substitutions like ‘Pa55word!’
- When available you should use two-factor authentication on your email account. It gives it an extra layer of security, as it means your account can only be accessed on a device that you have already registered.
- Don’t use public Wi-Fi to transfer sensitive information such as card details.
About the research
Research was carried out on i:omnibus, Ipsos MORI’s online omnibus. A nationally representative sample of 2,261 adults aged 16-75 were interviewed online between Friday 2nd and Tuesday 6th February 2018. Respondents were sourced from Ipsos online panels of pre-screened participants, with field quotas set on age, gender and region. Data has been weighted to reflect the known offline population profile in terms of key demographics (age within gender, region, working status and social grade) using a RIM weighting methodology.
Of the 2,261 adults interviewed, 2,163 had a personal email account. 2,163 completed the full set of questions for the survey.
*’Personal information’includes items ranging from a copy of your CV, a copy of your payslip, bank or credit card details, pictures of family, friends, kids and pets, a mortgage or tenancy agreement and your handwritten signature.