Brits trust themselves to stay safe online – but complacency could leave them at risk

1st October 2019

OCTOBER 2019, OXFORD: Brits trust themselves more than the government or the technology industry to keep them safe online, according to new research from Nominet, the profit with a purpose company operating at the heart of the internet infrastructure. But the findings also suggest that complacency and bad habits relating to secure Wi-Fi, password security and responding to a cyberattack could still leave them at risk of falling victim to cybercrime.

  • More than three quarters of adults (77%) say they know enough to stay safe online
  • Fewer than four in 10 (38%) say they trust government, intelligence agencies and law enforcement to keep them safe
  • A greater proportion trust technology companies (42%), but there’s still scepticism about their motives – with more than half of adults (51%) not trusting technology companies to behave ethically


Although many Brits think they know how to stay safe, it hasn’t prevented many from falling victim to or being exposed to cybercrime. One in five (20%) adults think they have been a victim of hacking or data theft, 19% have been customers of companies that have had a cyber breach, and almost three quarters (73%) have received phishing emails. But despite these experiences, and greater mainstream awareness around the prevalence and complexity of today’s cyber criminals, Brits are very assured in the fight against cybercrime, with only 5% of adults thinking it’s very likely or definite they’ll be a victim in the next 12 months. Almost a third (31%) think it’s unlikely, while 10% are even more bullish and think that it is ‘not at all likely’ or ‘will definitely not happen’.

Response to cybercrime

Even those who have been affected by cybercrime don’t always respond in a way that minimises potential harm to themselves or other people. For example, only three-quarters (76%) of those whose online bank, phone or utility provider account was hacked actually changed the relevant password afterwards. Only 46% contacted the company to let them know what had happened, while even fewer (10%) contacted law enforcement. Similarly, in instances where a company has suffered a data breach, only 61% of those affected have gone to change their password. Fewer than half (45%) even checked whether they’d been directly affected, with 24% waiting for the company to contact them first, and a fifth (20%) simply trusting that they wouldn’t have been affected.

Misplaced confidence

While encouraging that Brits have a positive attitude towards cyber security, some of their online habits suggest that their confidence could be misplaced. For example, only 55% always use secure wi-fi for online transactions or online banking, only 52% have additional security software installed on their devices, and only half (50%) use the ‘remember my password’ options only on private computers and networks. In the social media sphere, only 55% know how to change the privacy settings on their chosen platforms, and 51% know what privacy settings they currently have in place. Also, despite frequent reminders from providers to adopt two-factor authentication (2FA) on their online accounts, fewer than three in 10 (29%) understand what it is, and only 27% use it. Even the most common security advice has not been adopted by many Brits – with 14% saying they have never changed a password on an online account without being prompted to do so, and one in five (20%) saying they’ve never changed their online banking password.

Commenting on the findings, Russell Haworth, CEO, Nominet, said: “The last 25 years have seen more and more elements of our daily lives shift over to the online world, and in the vast majority of cases this has positively contributed to making the UK a better place for its citizens. But the internet is still fraught with risks. While it’s encouraging that many Brits feel like they know enough to stay safe, an assumption that cyber attacks simply won’t happen to them is playing with fire. Too many of us are still not following even basic advice on security, from changing passwords when a provider has suffered a breach, to using two-factor authentication. In fact, quite astonishingly, recent National Cyber Security Centre breach analysis found that 23.2 million victim accounts still used a 123456 password.

“With low levels of trust in the government or the industry to keep them safe and complacency being a bad mix, it’s crucial that all stakeholders do their bit in the battle against cybercrime and help consumers to limit attackers’ opportunities. Everyone has a part to play – government, tech companies, retailers and individuals. Something we’ve been working on to thwart criminality online is our Domain Watch initiative, designed to identify and suspend domains at the point of registration that are likely to be used for phishing. Since we launched Domain Watch in July 2018, we’ve suspended over two thousand domains intended for phishing – domains that look like a business or a bank but are not, and instead are used in an attempt to fool and defraud customers.  Awareness of these kinds of techniques used by cyber criminals is a key step in fighting online crime.”

Of the 2,275 domains suspended for phishing, over 400 of these were targeting the public sector including, ‘’, ‘’, and ‘’. There were also over 900 domains suspended that targeted the private sector, such as ‘, ‘’, and ‘’. The scheme which is just one of the ways in which Nominet works constantly to keep the .UK domain safe and secure, with processes being reviewed and refined as threats and technologies evolve, has also suspended over 500 domains targeting the financial service sector including ‘’, ‘’, and ‘’.

Nominet’s Digital Futures research seeks to encourage debate on what matters most, as we chart a course towards a vibrant digital future in the UK. Nominet’s position as the company behind the .UK internet infrastructure means it can offer a unique perspective on the digital progress of the UK.

– Ends –

About the research

Nominet commissioned PDS (Populus Data Solutions) to survey a sample of 2,080 UK adults including 505 aged 18-24 and 1,032 UK children aged 11-17 to encourage debate on what matters most as we shape our digital future in the UK.

The research was conducted online between 30th January and 6th of February 2019 and addressed several key themes including the impact of technology, digital ability and willingness, digital & society, social media and inclusivity & the workplace.

About Nominet

Nominet is driven by a commitment to use technology to improve connectivity, security and inclusivity online. For over 20 years, Nominet has run the .UK internet infrastructure, developing an expertise in the Domain Name System (DNS) that now underpins sophisticated threat monitoring, detection, prevention, and analytics that is used by governments and enterprises to mitigate cyber threats. A profit with a purpose company, Nominet supports initiatives that contribute to a vibrant digital future and has donated over £47 million to tech for good causes since 2008, benefitting more than 10 million people.

For more information please contact:

Nominet Press Office, Brands2Life, +44 (0)20 7592 1200, [email protected]

Nominet Digital Futures Security Report

Computer monitor showing 'Digital Futures: Security Report'