New research from the University of Kent has revealed that around 40% of people who fall victim to an advanced form of malware, known as CryptoLocker, have agreed to pay a ransom of around £300 to recover their files.
The finding comes in the second Survey on Cyber Security by members of the University's Interdisciplinary Research Centre for Cyber Security.
Their research also reveals that the prevalence of this type of ransomware (or malware) which makes personal files inaccessible by encrypting them - equates to approximately one case in 30, much higher than previous estimates suggested.
Other findings include 28.2% of respondents in the survey claim not to engage in any security practices online, such as using antivirus software, firewalls, and password management tools.
The Survey, which set out to explore the extent to which Britons have been affected by different forms of cybercrime, also found online security practices in Scotland to be better than in the rest of the UK.
Across all survey categories, the results revealed women take less risk online and generally adopt better security practices, such as regularly changing their passwords. Conversely, a substantial majority of those who don't feel at risk are men, with men also less likely to report a cybercrime because they believe it is a waste of time.
For the first time, the Survey investigated the number of users who had been victims to online bullying, harassment or sexual offences. Results show that almost one in thirty (2.9%) people say they had been a victim of online bullying or harassment, whilst similar numbers had been victims of online stalking (2.3%). Worryingly, online sexual offences were also reported with a similar prevalence.
Dr Julio Hernandez-Castro, from the Centre for Cybersecurity and the University's School of Computing, said: 'If the results reported on the rate of CryptoLocker victims who pay a ransom are to be strengthened by further research, these figures would be extremely troubling, netting criminals behind the ransomware hundreds of millions. This would encourage them to continue with this form of cybercrime, potentially prompting other criminal gangs to jump into an extremely profitable cybercrime market.'
Dr Eerke Boiten, Director of the Centre, added: 'From the small fraction of victims who have reported cybercrimes in the recommended way, through ActionFraud or the Police, we can conclude that official records are significantly underestimating the extent of cybercrime in the UK.'
Explore further: Ransomware no cause for New Year celebration: Sophos
More information: An Executive Summary and a more detailed analysis of the findings of the second Survey on Cyber Security can be viewed here: www.cybersec.kent.ac.uk/Survey2.pdf