Fewer than half of the UK's 29m adult Internet users believe they are responsible for protecting personal information online, a survey suggests.
One in six of the 2,441 people surveyed felt responsibility rested with banks.
The research, for a government-backed online safety campaign, found 12% had suffered online fraud in the last year - at an average loss of £875.
The same number (5%) had experienced fraud while shopping online as had had their bag, wallet or mobile stolen.
Time and effort
The survey, devised by Get Safe Online in conjunction with the BBC News website, marks the start of an Internet safety week to help raise awareness of online issues.
Get Safe Online managing director Tony Neate said: "The Internet now is the real world.
"We don't blame the police when we get burgled and we must take responsibility for what we do online in the same way we do for securing our houses and cars."
Some 48% of the Internet users surveyed online between 2 and 5 March felt they were primarily responsible for the online safety of their personal information.
One in six thought it was their bank which was wholly responsible, while 13% thought it was up to their Internet service provider.
With 93% of web users going online daily, it is no longer good enough to assume technology will work for itself, Mr Neate said.
"A computer is not like a washing machine where you can just press a button and use it until it breaks down. It is more like a car and needs some time and effort to maintain it," he said.
The survey - Internet Safety: The State of the Nation, was commissioned to highlight the issues of online safety.
It was organised by Get Safe Online, a joint venture between the government, the Serious Organised Crime Agency and private firms such as eBay and BT.
Alongside the 5% of those surveyed who had suffered fraud while shopping online in the past year, 3% had been victims of identity theft and 4% had had their bank account or credit card details stolen.
Some users experienced more than one of these problems.
Garreth Griffith, head of trust and safety at eBay UK, said shoppers needed to be persuaded to educate themselves before their spending sprees.
"We have a safety centre, offering information, tutorials, and the biggest challenge is getting people to read it," he said.
"Just as people buying a video recorder dispense with the instruction manual so that mentality manifests itself on the Internet."
As an established and well-used net brand, eBay has been increasingly targeted by fraudsters.
Accounts with very good feedback ratings are hijacked and used to con unsuspecting buyers.
Increasingly so-called spoof sites, which look very much like the legitimate eBay site are being set up to "phish" eBay account details and sell phoney goods.
The auction site has set up a couple of tools to protect users, including an address to which users can send suspicious emails and have them verified as real or fake.
It also offers a toolbar, which is free to download, and allows visitors to see whether they are on the genuine eBay site or one of the spoof sites.
Other key findings of the survey include the discovery that 18% had responded to spam messages.
A further 10% had clicked on a link in a spam message.
Almost 50% do not have anti-spyware, while 13% of broadband users do not have a firewall on their PC.
Some 53% of those surveyed said there should be a standard Internet safety test - much like the driving test - for web users.
This week a test on some of the key aspects of Internet security goes live on the Get Safe Online website.
Almost one in ten of those who have suffered online fraud have not reported it, the survey also found.
This could equate to as many as 148,000 online crimes in the last 12 months.
Sharon Lemon, of the Serious and Organised Crime Agency, is frustrated that it is an area that commonly goes unreported.
Her organisation, which has a team of around 50 people dedicated to online criminal activity, has seen the nature of the threats change since the squad was set up in 2001.
"It used to be about people showing off and defacing websites because they could. Now they realise there is money to be made and it has become more professional and has diversified," she said.