Consumers need greater reassurances from retailers that they will be compensated in the event of online fraud if they are to spend more online, according to new research from Symantec.

The survey of 2,500 UK adults found that over 70 percent are confident enough to shop online, despite around two-thirds believing they are at risk from security threats.

But more worryingly for retailers, most respondents said they have no intention of spending more than £100 a month over the next year, while over three-quarters claimed they would be more likely to spend more if businesses guaranteed that they would compensate them in the event of financial or identity fraud.

"There is huge potential if we can get over the confidence factor," said the director of Symantec's Innovations Team, Richard Archdeacon. "Retailers should not only be doing things to [improve security] but telling their customers what they are doing – putting security out as part of their message."

He added that responsibilities lie on both sides to ensure the security of transactions, including consumers ensuring they have their PC anti-malware up-to-date and use content filtering technology to block non-legitimate sites.

Andrew Day of anti-fraud specialist Fair Isaacs argued that retailers could mitigate against the risk of CNP fraud by adopting tactics like only accepting orders where the delivery is to the cardholder address, or implementing schemes such as Verified by Visa or MasterCard Secure Code.

"It is in the interests of all parties involved – retailers, issuing banks, card acquirers, and consumers to take reasonable steps to counteract fraud," he added. "There has to be a way to trade profitably, conveniently and trustingly. If not, online retail will not fulfil its true potential."

Meanwhile, a new tactic is being employed by criminals to steal confidential customer information, according to McAfee. So-called drive-by-pharming attacks involve the hacker changing the default DNS settings on the victim's Wi-Fi router so that they can direct users to false banking and other sites and then harvest personal data.

McAfee security analyst Greg Day recommended users to change the default settings on their routers, encrypt routers and install firewalls in order to mitigate the risk of attack.