Australians are losing more than AU$1.2 billion to online crime, according to the latest report from Norton by Symantec.
The Norton Cybersecurity Insights Report has shown that 3.7 million Australians, which was equivalent to one in five of the adult online population, were impacted by online crime in the last year. As a result, the report found Australians spend an average of 14 hours and AU$325 per person dealing with the impact of being a victim.
Mark Gorrie, director of Norton by Symantec Pacific region, said ransomware made up a large part of online crime, and believes it will continue to grow.
"Australia is a fairly affluent nation so people who haven't backed up or don't have adequate protection are being compromised," he said.
"A lot of them are paying to recover their data and that in itself from pure economics means [the criminals are] seeing a lot of success from these threats so they'll keep coming. We're seeing the growth that people are paying, which is not what we want to see either."
The report also found 90 percent of Australians worried they would be affected by online crime, and 66 percent believed it was more likely their credit card information would be stolen online than from their wallets.
Despite these concerns, Gorrie said consumers were overconfident in their online security behaviours.
"Awareness is high but what we're not seeing is the connection is the call to action, like: 'Yes this is a big issue, what should I be doing to protect myself'. People believe they are doing a reasonable job, like individually they score themselves an A," he said.
"But when you actually look at the details behind that in terms of what they're doing with their password, less than half are always using a secure password. We saw 27 percent indicated they had shared their banking password, and one in three weren't protecting the devices they're using with a password.
"Clearly, as much as they think they're doing a reasonable job, when they look at the detail in terms of the basics, we're not seeing that. It's great we've got the awareness now, but what should people be doing to proactively protect themselves."
Gorrie added that the findings indicated more education is needed, in particular for the millennials, of which one in four believed that their data was not "interesting enough" to be a target of online crime, despite 49 percent admitting they experienced online crime.
On top of this, Norton by Symantec revealed that nine out of 10 respondents said if they were impacted by online crime, they would be devastated if their financial information was compromised.
In New Zealand, Symantec found approximately 856,000 people were hit by online crime in the past year, costing around AU$270 per person. Similar to Australia, 55 percent of New Zealanders did not always use a secure password.
However, Symantec highlighted that the awareness of online crime was there as 83 percent believe they would be victims of online crime, while one in six thought it was more likely their credit card information would be stolen online rather than physically taken.
Gorrie said confidence has been compromised following a number of breaches that have exposed the identities of millions of people making routine purchases online.
"Our findings demonstrate that the headlines rattled people's trust in mobile and online activity," he said.
"But it hasn't led to widespread adoption of simple protection measures people should take to safeguard their devices and information online."
Symantec president and CEO Michael Brown recently revealed the key to keeping customers happy is to be open about the telemetry when a user's privacy is traded away.
"[If] we're giving the keys to encryption to law enforcement, because we want to serve a different purpose, then ... it should be in the light of day," he said.
Brown added that his company does not believe in backdoors, but that it would follow whatever legal requirements were made of it.
"We as a society, as an open society, have to make trade offs, and we are going to follow whatever we agree on with our laws," he said.
Symantec currently collects telemetry from 110 million enterprise customers, and 60 million consumer and mobile end-points, resulting in a database that monitors 8 trillion objects in real-time, and is updated at a rate of 200,000 rows per second.