John

Women 4 times more likely than men to give passwords for chocolate

In Geek Stuff, Security and Privacy on April 17, 2008 at 3:28 pm

pic courtesy:abc.net.au

No offense ladies. I’m just a humble messenger. Maybe this only applies to London females? Anyways this is based off a press release from Infosecurity Europe.

A survey by Infosecurity Europe (www.infosec.co.uk) of 576 office workers have found that women far more likely to give away their passwords to total strangers than their male counterparts, with 45% of women versus 10% of men prepared to give away their password, to strangers masquerading as market researches with the lure of a chocolate bar as an incentive for filling in the survey. The survey was actually part of a social engineering exercise to raise awareness about information security. The survey was conducted outside Liverpool Street Station in the City of London.

This year’s survey results were significantly better than previous years. In 2007 64% of people were prepared to give away their passwords for a chocolate bar, this year it had dropped to just 21% so at last the message is getting through to be more infosecurity savvy. The researchers also asked the office workers for their dates of birth to validate that they had carried out the survey here the workers were very naïve with 61% revealing their date of birth. Another slightly worrying fact discovered by researchers is that over half of people questioned use the same password for everything (e.g. work, banking, web, etc.)

Gender biased jokes aside, the larger issue here is a lack of awareness regarding the importance of protecting the privacy of one’s personal information. The information revolution has reduced the need for face-to-face transactions. Whether we realise this or not, this has been an implicit control factor in reducing the risk of fraud since it reduces the number of possible identity thieves to those who share our basic characteristics such as skin tone, age bracket, language, gender etc.

With technology, this is no longer relevant, and this information about ourselves somehow needs to be communicated the person at the other end to convince them that we are who we claim we are – hence the importance of keeping our personal information private. Anyone who has used the telephone to query credit cards or handphone related matters will be familiar with the list of questions we are asked to authenticate themsleves – IC number, Date of birth, Mum’s name etc etc.

“Our researchers also asked for workers names and telephone numbers so that they could be entered into a draw to go to Paris, with this incentive 60% of men and 62% of women gave us their contact information”, said Claire Sellick, Event Director, Infosecurity Europe.

As she revealed her details to our researchers one woman said, “even though I have just been to Paris for the weekend I would love to go again.”

Sellick continued, “that promise of a trip could cost you dear, as once a criminal has your date of birth, name and phone number they are well on the way to carrying out more sophisticated social engineering attacks on you, such as pretending to be from your bank or phone company and extracting more valuable information that can be used in ID theft or fraud.”

Just consider these issues the next time you sign up for a contest, survey or even loyalty membership when deciding which bits of personal info you wish to reveal about yourself.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: