Holiday Mobile Device Shoppers Take Heed: New Study by National Cyber Security Alliance and McAfee Reveals Lack of Cyber Safety Among Mobile Users

Nearly Three-Fourths of Americans Have Never Installed Security Software on their Smartphone

Dec 21, 2011, 09:30 ET from National Cyber Security Alliance

WASHINGTON, Dec. 21, 2011 /PRNewswire/ -- Those looking to purchase or receive smartphones and mobile technologies this holiday season should keep cyber safety top of mind. A new national study released by the National Cyber Security Alliance (NCSA) and McAfee reveals a false sense of cyber security for mobile users and provides insight into how mobile users could impact our nation's collective digital infrastructure. 


The survey, conducted by Zogby International, found that nearly three quarters (72%) of Americans have never installed data protection applications or security software on their smartphones in order to protect it against data loss or to protect it against viruses and malware.

Yet consumers continue to use smartphones more frequently in their digital lives:

  • The survey shows that roughly two-fifths (44%) of Americans use their smart phones to access the Internet and three quarters (75%) say they access the Internet more frequently on their device today than they did one year ago 
  • According to digital research firm comScore, close to 32.5 million Americans accessed banking information via mobile device at the end of the second quarter of 2011, a 21% increase from in the fourth quarter of 2010
  • Approximately 24% of consumers store computer or banking passwords on their mobile devices. (source: Consumer Reports' 2011 State of the Net Survey)
  • More than half of smartphone users do not use any password protection to prevent unauthorized device access. (source: Wall Street Journal -
  • In the U.S. alone, 113 mobile phones are lost every minute (Source: Gartner)

The NCSA/McAfee research also found that seven in ten (70%) smartphone owners say they feel their device is safe from hackers, malware and other types of cybercrime. This data shows that taking extra precautions to protect smart phones from virus attacks and other threats is not common practice for U.S. consumers as most feel their devices are safe enough.

While mobile Internet users may feel their devices are safe, data thieves and hackers continuously evolve their operations to take advantage of user vulnerabilities. Mobile malware incidents are still relatively low in number, but with smartphones and tablets eclipsing unit sales of desktop and laptop PCs, cybercriminals will continue to set their sights on mobile; and increased mobile Internet use will continue to exacerbate security and data breach issues.

Along with the uptick in mobile Internet use, the NCSA/McAfee survey also found that more applications are being developed and downloaded to meet the variety of user interests and needs:

  • In the last six months, the applications most smartphone owners say they have added to their phones are games (46%), followed by social networking apps (37%)
  • Only 26% of smartphone owners say they always read the developer policy on the use of personal information when downloading an app and a third (31%) say they never read the policy
  • Smartphone users are pretty well split as to whether they have ever abandoned downloading an app over security or safety concerns (50% to 45%)
  • Of those who have decided not to download an app over a security or safety concern, most said they did so because they were unsure of what data about themselves was being collected and how it would be used (71%)

The National Cyber Security Alliance advises that consumer vigilance is a powerful way to ensure the safety of information stored on and shared through mobile devices. "This data continues to enforce the reality that more Americans are connecting to the Internet anywhere, anytime, and from a larger variety of devices than ever before," said Michael Kaiser, executive director of the National Cyber Security Alliance.  "While the busy holiday season highlights new and exciting technologies being offered by retailers and adopted by consumers, we need to remain vigilant and be sure that all Web-connected hardware has the proper security tools installed and is kept up to date.   Beginning with the STOP. THINK. CONNECT. guidelines, the use of sound judgment online is necessary to protect our shared digital resources."

"Just as mobile retailers are working to meet the holiday consumer demand for mobile devices and users are working to optimize the convenience of new technologies, cyber criminals are creatively working on new ways to penetrate our digital properties," said John Thode, executive vice president, consumer, mobile and small business, McAfee.  "This study highlights the need to focus on the security of our mobile devices and networks as mobile technologies are adopted by an ever-increasing amount of the population and becoming a central part of our lives."

When purchasing a new mobile device, consumers should take an informed approach regarding security.  These steps can help support the decision process and transition to a new mobile technology:

  • Ask About Security Features and Functions: Compare security features for each mobile device under consideration. Select the one that offers the best protection and ask about applications and software protections that you can install after purchasing.
  • Determine User Needs: Each individual user will require functionality tailored for their needs. Carefully assess your user needs and identify which technologies meet those requirements
  • Research the Product: Research the potential purchase to learn the maintenance required, proper secure usage, and any additional software or applications that may be necessary to run a secure, protected device
  • Ask Questions: When visiting a retailer, ask the sales person questions about the device and for feedback on consumer satisfaction and reported security issues

Additionally, whether new or old, today's mobile Internet capable devices are as powerful and connected as any PC or laptop. NCSA advises that everyone take the same security precautions with mobile devices as they do with their computers.  The first step is STOP. THINK. CONNECT. in addition to the following:

Keep a Clean Machine

  • Keep your mobile security software current: Having the latest security software is a primary safety and security measure
  • Automate software updates: Many software programs will automatically connect and update to defend against known risks. Turn on automatic updates if that's an available option
  • Protect all devices that connect to the Internet: Along with computers, smartphones, gaming systems, and other web-enabled devices also need protection from viruses and malware

Protect Your Personal Information

Phones can contain tremendous amounts of personal information. Lost or stolen devices can be used to gather information about you and, potentially, others. Protect your phone like you would your computer.

  • Secure your phone: Use the strongest passcode protection available to lock your phone
  • Secure your accounts: Ask for protection beyond passwords. Many account providers now offer additional ways for you verify who you are before you conduct business on that site.
  • Make passwords long and strong: Combine capital and lowercase letters with numbers and symbols to create a more secure password.
  • Unique account, unique password: Separate passwords for every account helps to thwart cybercriminals.
  • Write it down and keep it safe: Everyone can forget a password. Keep a list that's stored in a safe, secure place away from your computer.
  • Own your online presence: When available, set the privacy and security settings on websites and apps to your comfort level for information sharing. It's ok to limit who you share information with.
  • Understand your apps: Review the privacy policy and know what data (location, access to your social networks) on your device an app can access before you download it.

Connect with Care

  • Get savvy about Wi-Fi hotspots: Limit the type of business you conduct and adjust the security settings on your device to limit who can access your phone.
  • Protect your $$: When banking and shopping, check to be sure the site is security enabled. Look for web addresses with "https://" or "shttp://", which means the site takes extra measures to help secure your information while in transit. "Http://" is not secure.

Be Web Wise

  • Stay current. Keep pace with new ways to stay safe online. Check trusted websites for the latest information, and share with friends, family, and colleagues and encourage them to be web wise.
  • Take control of your technology: Learn how to disable the geotagging feature on your phone at  

Visit or to learn more information about how to protect yourself and your mobile device.

Survey Methodology

NCSA and McAfee commissioned Zogby International to analyze the cyber security behaviors and perceptions of Americans.  The study surveyed 2,337 adults nationwide from 9/23/11 to 9/28/11.  Slight weights were added to region, age, race, gender, and education to more accurately reflect the population. The margin of error is +/- 2.1 percentage points. Margins of error are higher in sub-groups.  The MOE calculation is for sampling error only.  A full summary of the report can be found at

About The National Cyber Security Alliance

The National Cyber Security Alliance is a non-profit organization. Through collaboration with the government, corporate, non-profit and academic sectors, the mission of the NCSA is to empower a digital citizenry to use the Internet securely and safely protecting themselves and the technology they use and the digital assets we all share. NCSA works to create a culture of cyber security and safety through education and awareness activities. NCSA board members include: ADP, AT&T, Bank of America, Cisco Systems, EMC Corporation, ESET, Facebook, General Dynamics Advanced Information Systems, Google, Intel, Lockheed Martin Information Systems & Global Services, McAfee, Microsoft, PayPal, Science Applications International Corporation (SAIC), Symantec, Verizon and Visa. Visit for more information.

About McAfee

McAfee, a wholly owned subsidiary of Intel Corporation (NASDAQ: INTC), is the world's largest dedicated security technology company. McAfee delivers proactive and proven solutions and services that help secure systems, networks, and mobile devices around the world, allowing users to safely connect to the Internet, browse and shop the Web more securely. Backed by its unrivaled Global Threat Intelligence, McAfee creates innovative products that empower home users, businesses, the public sector and service providers by enabling them to prove compliance with regulations, protect data, prevent disruptions, identify vulnerabilities, and continuously monitor and improve their security. McAfee is relentlessly focused on constantly finding new ways to keep our customers safe.


The campaign was developed by the STOP. THINK. CONNECT. Messaging Convention, a public-private partnership established in 2009 and led by The Anti-Phishing Working Group (APWG) and National Cyber Security Alliance (NCSA) to develop and support a national cybersecurity awareness campaign.  In October 2010 the White House, U.S. Department of Homeland Security and Messaging Convention launched the campaign. The Department of Homeland Security provides the Federal Government's leadership for the campaign. Industry, government, non-profits and education institutions participate in STOP. THINK. CONNECT. Learn how to get involved  at

SOURCE National Cyber Security Alliance