2017 Norton Cyber Security Insights Report

Consumers’ Overconfidence Opens the Virtual Door for Cybercriminals

Uncover the discrepancies behind consumers’ perceived knowledge of cybercrime and their not-so-savvy online behaviors in the 2017 Norton Cyber Security Insights Report, an annual survey of more than 21,000 consumers globally. 

Consumers’ Overconfidence Helped Hackers Up the Ante and Steal $172 Billion from Consumers in 20 Countries

Consumers are confident they’re safe online, but hackers have proven otherwise, stealing $172 billion from 978 million consumers in 20 countries. Consumers globally reported an average loss of $142 per victim and nearly 24 hours (or almost three full work days) dealing with the aftermath. In the United States, 143 million consumers were victims of cybercrime – more than half the U.S. adult online population.

See how your country fared

Traits Shared by Cybercrime Victims

Globally, cybercrime victims share a similar profile. They are almost twice as likely to own a connected home device as non-victims, but have blind spots when it comes to cyber security basics. For example, cybercrime victims tend to use the same password across all online accounts diminishing the value of using a secure password. Yet even with these risky behaviors, 39 percent of cybercrime victims reported gaining trust in their ability to protect their data and personal information and 33 percent even believed they had a low risk1 of becoming a cybercrime victim.

1Respondents’ attribution of cybercrime risk is based on their personal beliefs and definition of cybercrime.

How Consumers are Skewing the Boundary Between Cybercrime and “Real Life”

81 percent of consumers globally think cybercrime should be treated as a criminal act. However, when pressed, contradictions emerged. More than one in five consumers globally (22%) believed that stealing information online was not as bad as stealing property in ‘real life.’ When presented with examples of morally questionable online behavior, 43 percent believed at least one type of cybercrime was sometimes acceptable, such as reading someone’s emails without their permission (26 percent), or accessing someone’s financial accounts without their permission (15%).

Who Do Consumers Trust to Protect their Personal Information and Data Online?

Consumers reported a general trust in the institutions that manage their personal data and information. However, not all institutions are trusted equally.

Consumers globally have gained or maintained the same level trust in organizations such as banks or financial institutions (82 percent) and identity theft protection service providers (76 percent) that manage their data and personal information. Alternatively, 41 percent of consumers reported losing trust in their government to manage their data and personal information. For cybercrime victims, 39 percent gained trust in their ability to manage their data and personal information.

Getting Back to Basics to Help Prevent Cybercrime

The realities of cybercrime can feel daunting, but following the below cyber security tips can help.

  • Craft a strong, unique password using a phrase that consists of a string of words that are easy for you to memorize, but hard for others to guess. The longer, the better!
  • Using unprotected Wi-Fi can leave your personal data vulnerable to eavesdropping by strangers using the same network.so avoid anything that involves sharing your personal information when connected to an open Wi-Fi network. When you do use public Wi-Fi, use a Virtual Private Network (VPN) to secure your connection and maintain your privacy while online.
  • Make it a habit to change default passwords on all network-connected devices, like smart thermostats or Wi-Fi routers, during set-up. If you decide not to use Internet features on various devices, disable remote access as an extra precaution.
  • Think twice before opening unsolicited messages or attachments, particularly from people you don’t know. And never click on random links.
  • Protect all your devices with a robust, multi-platform security software solution to help protect against the latest threats.

How We Define Cybercrime

The definition of cybercrime continues to evolve as avenues open up that allow cybercriminals to target consumers in new ways. Each year, we will evaluate current cybercrime trends and update the report’s methodology as needed, to ensure the Norton Cyber Security Insights Report provides an accurate snapshot of the impact of cybercrime as it stands today. In the Norton Cyber Security Insights Report, a cybercrime is defined as one or more of the events listed below. A cybercrime victim is a survey respondent who confirmed one or more of these events took place.


  • Experienced a ransomware attack
  • Had payment information stolen from your phone
  • Been a victim of identity theft
  • Experienced credit or debit card fraud
  • Made a purchase online that turned out to be a scam
  • Clicked on a fraudulent email or provided sensitive (personal/financial) information in response to a fraudulent email
  • Had your financial information compromised as a result of shopping online
  • Detected unusual activity on your home Wi-Fi network
  • Lost a job or a promotion due to a social media posting you did not post
  • Received a phone call or text that resulted in malware being downloaded to your mobile device
  • Had a device computer/tablet/phone infected by a virus or other security threat
  • Fell for a technical support scam
  • Unauthorized access to or hacking of your email or social network profile
  • Had an account password compromised
  • Had someone gain unauthorized access to a smart home device
  • My location-based information was accessed without my permission
  • Been notified that your personal information was involved in a data breach
  • Had others use your home Wi-Fi without permission
  • Had a child’s online activity compromise your security
  • Had a child that was bullied online