London, 26th June 2008
We are all aware of the constant malware dangers preying on the Internet, but with the very best intentions we still get caught in malicious traps that cause our computers, at the very least, to malfunction. Cynics argue that this is because cyber-crooks are more intelligent and can outwit us, but could it actually be down to a simple human psychological flaw?
Researchers at Panda Security have been looking into the inability of humans to change in certain situations, despite knowing the risks. In the same way that computers are programmed to behave in a specific way, people also have a set of instructions indelibly inscribed in the brain, making it very difficult to behave differently.
Logic suggests that if we received a suspicious attachment in an email, we would delete or ignore it, particularly if we had experienced a computer virus, a phishing attack or online fraud in the past. But a surprising number of people open attachments of this kind. Why?
Studies¹ have been carried out which suggest that this kind of behaviour is caused by psychological barriers to personal creativity and problem-solving ability. An instinct connected with thinking occasionally attempts to replace intelligent thought with an automatic response, i.e. ‘the way I am used to doing it’.
Dominic Hoskins, Country Manager, Panda Security UK, comments: “We do hear of a surprising number of infections caused by people opening files that are clearly dangerous. This is despite all the warnings, and all the publicity, and we believe cases of this kind, are simply down to human nature.”
At present, Panda Security’s latest data² indicates that approximately 23% of home computers are infected with malware despite having an up-to-date security solution. This can result in a false state of security among users who are likely to fall victim to malicious activity including identity fraud.
Panda Security is keen to stress how important it is for computer users to be extra vigilant now. “With the development of Web 2.0,” continued Dominic Hoskins, “we are increasingly drawn into more sophisticated technology. There is more interaction at every level, and whilst this brings obvious advantages, it does deliver far more danger to unprepared users.
Bankrate Inc.³ has recently published the findings of a national poll in America, which found that 8 out of 10 Americans are concerned about their identity being stolen. Furthermore, over one-third (34%) of Americans know someone who has been a victim of identity theft.
“We need to be more vigilant now than ever, and to keep a check on our instinctive behaviour. Malware today is no longer about causing an infection that could crash a PC, these days it’s about gaining access to bank account details and private personal data. Potentially this kind of access can crash your entire life.”
The scale of the problem is illustrated by statistics from an association of British banks4 which claims that malware losses have risen from 12.2 million pounds in 2004 to 33.5 million pounds in 2006. In the States, the Federal Trade Commission5 has reported that fraud losses reached over $1.2 billion in 2007.
To counteract the dangers of malware arising from Web 2.0 developments, Panda Security has developed a new security model known as Collective Intelligence. This enables data samples to be gathered from the wider user community and stores behavioural patterns of programs, file traces and new malware samples. It then automatically analyses, classifies and correlates the information against PandaLabs own extensive malware database. In the event of a new malware threat, the system generates the vaccines needed to neutralise the new malicious code and immediately disinfect the malware.
