Yubico has announced the results of the company's 2023 survey, In a growing era of sophisticated phishing attacks, have people adjusted their cybersecurity hygiene? conducted by OnePoll. OnePoll,a leading provider of international market research and data communication solutions, surveyed 2,000 consumers* in the United States and the United Kingdom.

The purpose of this study is to understand attitudes and perceptions from consumers on cybersecurity across the US and UK, with a particular focus on how different age demographics fare in protecting themselves online.

Additionally, the survey aimed to learn if consumers are concerned about protecting their online accounts, and if so, how they are protecting them.

"While it is technically easy for retailers to implement basic username and password authentication for their customers, these types of credentials alone are easy for attackers to circumvent, allowing unauthorised access to online accounts," says Ben Eichorst, director of infrastructure security at Yubico. 

"During busy online shopping months, consumers may be tempted to adopt risky habits such as reusing passwords across services, or clicking on order information links that appear legitimate. These kinds of behaviours put consumers at a higher risk for their accounts to be compromised."

Key findings from the research indicate that:

While 80% of survey respondents are concerned about cybersecurity when it comes to their online accounts, 39% admitted to using the same passwords for multiple accounts. Boomers are the least likely to reuse passwords (20%), while Millennials are more than twice as likely to reuse passwords (47%) across their accounts.

A significant part of online shopping revolves around trusting an online retailer is who they say they are, and effectively safeguarding your personal and financial information. Despite a mistrust of online retailers, consumers are still storing their personal and financial information on these websites. 

About one third of respondents (32%) are not confident that they could spot a fraudulent or fake online retailer. About one in three do not completely or mostly trust the websites they use to effectively protect their personal/credit card information.** 33% of respondents save their credit card information in their online accounts.

The study shows the Boomers have a greater mistrust of websites than Millennials, potentially leading them to have better online privacy practices. 37% of Millennials save their credit card information in their online accounts, while only 19% of Boomers do. On average, Boomers (42%) are almost twice as likely to not feel confident in their ability to spot a fraudulent online retailer than Gen Z (23%) and Millennials (29%).

Despite being concerned about cybersecurity, approximately one out of two (49%) respondents stated that they do not use MFA, don't know what it is or are not sure if they have MFA turned on. In most other categories, Boomers reported having better cybersecurity hygiene, however, 71% of them report that they do not use MFA, don't know what it is or are not sure if they have MFA turned on. 

Millennials, on the other hand, report being more in-tune with todays modern security offerings with only 52% of them reporting that they do not or are not sure if they have MFA turned on for their active online accounts.

"Some 96% of respondents in the study plan to shop online between October and December, which makes now an ideal time to review online security habits," says Eichorst. 

"While there is much that can be done to improve security, the first step for consumers is to review existing sign-in methods, creating unique credentials stored in a trusted password manager, and, if possible, upgrading login methods to use strong, phishing-resistant, multi-factor authentication solutions, such as the YubiKey."