The YouGov survey showed Australians were one of the most vulnerable nations alongside the UK and US, whilst Germany and Sweden are the savviest in protecting their identities and personal details.
The survey asked more than 8,000 respondents across nine countries to "spot the difference" between real and fake Web sites from VeriSign's recently launched the Phish or no Phish (www.phish-no-phish.com) challenge.
Scare tactics by fraudsters remains an effective form of phishing for Australian consumers.
Despite targeted education efforts by banks and online retailers alerting customers not to share their personal information online, almost a quarter (23 per cent) of Australians still fall into this trap, said Armando Dacal, director of Authentication Services at VeriSign Asia Pacific.
"Our research tested the applicability and understanding of a variety of phishing methods Australian consumers need to be aware of," he said.
"Sneaky strategies such as imitation Web sites that try and phish your personal details have been shown to work across all demographics, particularly on the age group 45- 54 years."
The research revealed that 45 - 54 year olds were 25 per cent less likely to spot a fake website than other age groups.
Different age groups were susceptible to different forms of scams; the over-65 year-olds are more than twice as likely to fail to check that they are entering their details into a site that has the correct URL, with 43 per cent failing to pick up the inaccurate URL addresses.
This statistic compares to 16 percent of the savvier 18-24 year olds who performed strongly on this point.
The younger age group, however, is more likely to respond to scare tactics to give away their personal details with more than a quarter (26 percent) failing to identify the fake phishing Web site.
Across the board, spelling mistakes were overlooked as being a clear indicator of a fake Web site, with 87 percent of respondents missing the obvious errors that would never be found on a valid company site.
Knowledge was a key to fighting phishing, said Decal.
VeriSign has compiled its top five tips to distinguish a real site from a phishing site.
Consumers should check whether or not a site is genuine and is taking measures to protect their personal details by looking for the following:
https://:The "s" in https:// means the site is encrypted, so the information you enter is secured. While some phishing sites do have a secured Web address, many do not. Therefore, site visitors should be on the lookout for missing security on sites that should have it.
The padlock icon: To be meaningful this icon must appear in the actual browser interface and not inside the content of the page itself.
Trust marks: Simple visual cues in the form of popular logos can show that a website is authenticated, secured, and the company is reputable.
Check the web address: Be suspicious of any site with an unknown domain that contains the name of a well-known site in the latter part of the Web address.
Green address bar: This signifies that this site has undergone extensive identity authentication so that you can be confident it is the site it claims to be.
Issue: 345 | December 2015