Gen Q3 Threat Report: Millions Fooled by "Scam-Yourself Attacks"

In This Article:

Report Finds 614% Increase in Scams Where Cybercriminals Go After People's Desire to Learn about Technology and Problem-Solve, Supporting a Surge in Data Theft

TEMPE, Ariz. and PRAGUE, Nov. 19, 2024 /PRNewswire/ -- Gen™ (NASDAQ: GEN), a global leader in consumer Cyber Safety with a family of brands including Norton, Avast, LifeLock, Avira, AVG, ReputationDefender and CCleaner, today released the Q3/2024 Gen Threat Report. This quarter highlights cybercriminals' rapid adaptation to new tactics, including social engineering, AI and deepfake technologies, making scams much harder to spot and more dangerous than ever.

Q3 Gen Threat Labs Infographic
Q3 Gen Threat Labs Infographic

"In July through September, scams continued to dominate the threat landscape, while data-theft abusing malware and ransomware also increased rapidly," said Siggi Stefnisson, Cyber Safety CTO at Gen. "Our consistent focus is to empower people with the tools they need, such as the Norton Genie scam detector, so they can protect their digital lives as threats evolve."

A 614% Increase in Scam-Yourself Attacks
The Gen report highlights a 614% rise in "Scam-Yourself Attacks," where cybercriminals use social engineering, psychological manipulation tactics, to trick people into installing malware on their own devices. The term encompasses a variety of threats, including:

  • Fake Tutorials – cybercriminals use video tutorials on platforms like YouTube to lure people into installing malware while pretending to provide a free download for a paid software.

  • ClickFix Scams – under the guise of "fixing" a computer issue, a fake technical solution prompts people to copy a text into the command prompt, ultimately giving cybercriminals control of their system.

  • FakeCaptcha – a fake CAPTCHA prompt that copies text of a dangerous code onto your clipboard and instructs the person to install this malicious content onto their device.

  • Fake Updates – malware disguised as a necessary software update guides people to paste a malicious script into their system, giving attackers admin privileges.

Together, these Scam-Yourself Attacks form a broader web of deception that's catching millions of people off guard. Social engineering continues to be one of the most dangerous tools in the cybercriminal arsenal, underscoring the importance of security products to help detect and block malware before it's downloaded.

The Surge of Data theft using Data Stealing Malware and Ransomware

While scams have dominated the landscape, data stealing malware and ransomware are experiencing a resurgence. Data stealing malware activity, specifically information stealers, rose by 39% overall this quarter. The most popular information stealer, Lumma Stealer, increased its share by 1154%, using methods like the previously mentioned Fake YouTube Tutorials to make its way onto people's computers to collect sensitive information including account credentials, crypto wallets and browser data.

Waiting for permission
Allow microphone access to enable voice search

Try again.