A quantitative empirical online study examined a set of 16 security hazards on the Internet and two comparisons in 436 UK and US students, measuring perceptions of risk and other risk dimensions. First, perceived risk was highest for identity theft, keylogger, cyber-bullying and social engineering. Second, consistent with existing theory, significant predictors of perceived risk were voluntariness, immediacy, catastrophic potential, dread, severity of consequences and control, as well as Internet experience and frequency of Internet use. Moreover, control was a significant predictor of precautionary behaviour. Methodological implications emphasise the need for non-aggregated analysis and practical implications emphasise risk communication to Internet users.