Singaporeans acknowledge the need for vigilance on the Internet, yet their actions suggest a very casual attitude to online security.
A new survey found that Internet users here seem complacent about security despite many getting stung in cyber attacks.
About 12 per cent said they had been victims of a phishing attack, losing on average US$158 (S$200).
The survey found that the global average was 15 per cent with US$158 lost.
Another 8 per cent said their professional reputation had been compromised, costing on average US$552 to repair it, slightly under the global average.
Yet only 42 per cent of respondents here said they limit what strangers can see on social networks and curb the amount of personal information online.
Around 43 per cent said they adjust their social network privacy settings.
More damning is that only 41 per cent use a PIN (personal identification number) or password to lock their mobile device, according to the 2013 Microsoft Computing Safety Index (MCSI).
The results were released earlier this week in conjunction with Safer Internet Day on Tuesday, a global campaign to get people to use the Internet more securely.
The MSCI polled about 10,500 consumers in 20 countries, including Singapore, Australia, the United States, Belgium and Malaysia.
While Singapore fared better against the global average figures, the results are still below the median mark, reflecting that most of those polled are still not exercising safer online habits.
Microsoft said consumers can defend themselves in several ways, including creating stronger passwords that must be kept secret.
They should also use settings or options to manage their privacy on social networks.
Microsoft has been promoting online security for a number of years as its operating system is used in at least eight out of 10 computers at home and in the office.
It set up a cybercrime unit last November that employs analysts, computer experts and lawyers who work with law enforcement agencies throughout the world.
A unit spokesman told The Straits Times that its biggest fight was against criminal cartels.
A Microsoft team had earlier played a key role in helping the Federal Bureau of Investigation stop the notorious Citadel banking botnets in July last year.
A botnet is a network of compromised computers that are remotely controlled to perform coordinated attacks against others.
Citadel had reaped more than US$500 million from bank accounts by stealing credit card and bank account numbers.
"Citadel is the new trend in malware. It is operated by gangs who sell modular virus kits to criminals. There's even customer service support to iron out the bugs. Every 26 days, a new virus variant will come out. They are very organised," said the spokesman.
Mobile phones present the next area of risk for consumers, he added.
Criminals are focusing on economic crimes. With more consumers performing banking transactions and engaging in e-commerce using their phones, there is a high risk that personal identities, bank accounts and credit card numbers can be stolen.