Around 50% of European internet users are concerned about the dangers of cybercrime and online identity theft; just under half feel well informed about the risks they take online; and up to 46% have taken steps to improve their online security, although for the most part that goes no further than installing anti-malware software.
But 18% have not made any changes in their behaviour in response to security concerns, and 48% have not changed any of their online passwords in the last 12 months.
This is according to a large-scale survey carried out by the European Commission's Eurobarometer programme, questioning over 27,000 people across the European Union on their internet use, security attitudes and experiences.
The detailed report includes a wealth of stats taken from questioning people across the EU.
It starts with a general look at internet usage patterns, finding that over 70% of Europeans are online, with 54% accessing the web at least once a day. Of those, 70% say they are at least reasonably confident about their ability to shop and bank online, but only around 50% actually use these services.
So, it's clear that a fair number of people who feel able to bank and shop online are not doing so.
Safety concerns and responses
The reason for this gap is likely to be at least in part a lack of trust in the safety of the internet. More than a third of web users questioned were worried about their personal data being abused when shopping or banking online, and a similar number were concerned about the security of online payment systems.
Both figures were slightly down on 2012 numbers though, showing at least a slight increase in general confidence.
In response to security concerns, 46% have installed anti-virus software, 40% are cautious about opening mails from strangers, and around one in three web users try to avoid giving out personal information or visiting unknown and untrusted websites. Just over a quarter only use their own hardware to go online, and just under that figure (24%) use different passwords for different sites.
It's worth noting that these figures do not necessarily show the full number of people who take these safety precautions, due to the wording of the question.
It asks only if people have changed their behaviour due to security concerns, so it's quite possible that some may have anti-virus installed for other reasons, for example if it came pre-installed on their PC, or may avoid giving out personal information simply because they are shy.
48% of web users said they had not changed any of their online passwords in the last year. Of those who had made changes, the highest figure was for webmail (31%) with social networks just behind on 26%. Online banking passwords were less likely to be changed, with only 20% changing in the last 12 months, and shopping site passwords were rarely changed, at only 12%.
This seems like the wrong way around, with online banking and shopping passwords most likely to give cybercrooks direct access to the cash they are after, so perhaps there is yet more need for education here.
Cybercrime attitudes and experiences
On average, 44% of those surveyed said they felt at least fairly well informed about the risks of cybercrime, an improvement over last year but still fairly disappointing. As in most categories, figures were higher in Northern Europe and amongst the young and well-educated.
Contrasting with responses to a previous question, 87% of web users avoid disclosing personal info online, while 76% think that their risk of becoming a victim of cybercrime has gone up in the past year - and the survey was carried out in May and June, before the latest waves of data leaks and password catastrophes.
In terms of actual experiences, nearly a third of web users said they had spotted a scam or phish on email or over the phone, with 7% saying it was a regular occurrence. 12% claimed to have had their email or social media accounts hacked, with the same number believing cyberattacks have prevented them from accessing online services (although it's not made clear how they would know this was the case).
10% said they had experienced online fraud, 7% credit card or banking fraud and 6% identity theft. However, more (52% of internet users) were concerned about the risk of identity theft than worried about banking or card fraud (49%).
Slightly lower numbers were worried about account hacking, scams, dodgy purchases or stumbling across child porn, all between 42% and 45%.
In all areas, in the event of an online concern (including outages thought to be due to cyberattacks), the police were the most popular port of call.
Lessons to be learned
So, it seems like there's something of a delicate balance between ensuring people are well educated about the risks of using the web, and scaring them off.
Many people seem to be put off using online services by the potential dangers, but few are taking all the necessary steps to carry out their online business in safety - indeed few are even doing the basics.
We clearly have a long way to go in educating people that the web can be used reasonably safely, if only they take the time to understand where the risks lie and how best to mitigate them.
I guess we'll just have to carry on trying to spread that message, and see how we've done when the next study comes out.