I agree with the first part of this conclusion. Clicking on sketchy links left-and-right will get you a computer virus. Certainly Trend Micro (one of the world's largest security companies) is in a good, if not unbiased, position to gather data on this issue. But their report seems to equate viruses with identity theft. The you-might-get-a-virus-and-your-identity-might-be-stolen mantra is so universal it no longer requires explanation.
Does getting a virus really mean that your identity might get stolen? Most users have experienced a computer virus, and yet most people have never had their identity truly stolen (identity theft is another overused term that has lost any meaning - more on that later). My hunch is that most identity theft has nothing to do with computer viruses. I don't have any data to back that up, but I also haven't seen any data to the contrary. (Most reports on identity theft point to acquaintances as the main perpetrators).
How do we measure the actual harm caused by computer viruses? Many viruses these days have a purely economic motive that does not directly impact the "victim" - how many users really care if their computer is being used for click-through fraud or to raise a spammer's google rank?
Some computer viruses are inconvenient. It can mean paying for tech support or harassing your geeky friends for help. Sometimes users are forced to re-image their computer and lose all their data. That is what users should really be worried about.
Identity theft is of course a real threat that users should also protect against. For example, owning a shredder is a good idea. For $40 you insure against the very small chance that you will suffer real identity theft from someone rummaging through your garbage. Let's say the likelihood of that happening over the five year lifespan of the shredder is 1%. Since real identity theft usually costs more than $4000 in lost time and money, a shredder can be considered a good investment.
I don't think the same argument can be applied to PC security products. The main reason to own an anti-virus product is to avoid the cost of having to rebuild or clean your computer later. It is still a good investment - I am willing to pay $50 a year to insure against the very likely probability of having to spend 5 hours rebuilding my computer.
That should be the real message of the Trend Micro report - "Don't Let Cybercriminals Turn Holiday Cheers Into New Year's Day Reimaging Your Operating System". Not very sexy, but sounds like a much better sales pitch to me.
One last thing - I tried to read the link "For tips on online safety during this holiday season". Every time I clicked the pdf link, my browser crashed. Should I try saving the file to my desktop? My guess is that one of the tips would tell me not to.