Scammers are masters in exploiting human emotions, claims Norton Labs, the global research arm within cybersecurity company NortonLifeLock, which has blocked over 900M threats over the last three months. Surveys, technical support, and supplement scams are amongst the most popular tools to trick people into providing personal information or engaging in dangerous behavior.
NortonLifeLock technology blocks more than 9 million threats on average every day. Over the past 100 days, it has blocked a total of 909M threats, amongst them: 23.69 million phishing attempts, 55.97 million file-based malware blocked, 405,710 mobile-malware files, 85,339 ransomware detections.
“Scammers are masters in exploiting human emotions to put you in a state of panic,” said Marcel Feller, a principal security researcher at Norton Labs. “When you’re in that state, you’re more likely to comply with anything the scammer wants.”
Users’ inboxes are flooded with scam attempts. Phishing messages that they receive are designed to trick users into providing personal information or engaging in dangerous behavior. Norton Labs highlighted the three most common phishing attempts: surveys, technical support, and supplement scams.
Below is an example of an Amazon shopper survey phishing lure designed to collect personal information in exchange for an unrealistic reward.
Below is an example of a typical technical support scam: the Microsoft-themed tech support scam phishing lure capitalizes on the fear of not being protected against cybersecurity threats.
And this example below is a too-good-to-be-true weight-loss-themed phishing lure, designed to capture credit card details.
Researchers point out that phishing attempts sometimes succeed because they prey on desires and fears. In the next three months, Norton Labs anticipates significant threats to security and privacy, including those tied to increased travel and leveraging pandemic themes. It means that you should look out for phishing scams, ransomware, and supply chain attacks.
Less visible threats
There are also existing threats outside the view of most consumers, like encrypted chat marketplaces, online tracking and cookies, and gaming threats.
For example, encrypted chat apps, often praised for their role in various uprisings globally, also function as illegal marketplaces for personally identifiable information, likely stolen gift cards, fake documents, and tools to facilitate cybercrime, such as distributed denial-of-service (DDoS) infrastructure. Buyers and sellers transact anonymously through Bitcoin.
“Trust in the marketplace is created by having a reviewing mechanism — “rate our drugs five stars” — and escrow and dispute resolution services are included. This is a leap forward for illegal marketplaces, which were previously relegated to the dark web. Now they’ve come onto the relatively open web to try to cultivate a new, and possibly younger, audience,” researchers claim.
Cookies, tiny bits of code that track your activity online, form a “tracking ecosystem,” which is a lot bigger than you might think. Researchers discovered an intricate network of connections between players that reciprocally exchange information and include each other’s content in web pages — sometimes without even the web page owners’ knowledge. They gathered details of 138 million cookies, and it turned out that as many as 171,140 organizations are involved in creating and sharing cookies.
Another considerable threat is associated with the booming gaming industry. Cybercriminals target gamers, for example, by appealing to the competitive spirit of games, and those gamers are willing to stretch the rules to beat opponents.
“Some gamers seek ways of getting an edge over other players, such as automatic aiming in first-person player-vs-player games. These advantages are known as cheats. Some gamers also seek out software that lets them play games they haven’t paid for. These are known as cracks. Installing cheats and cracks exposes users to enhanced threats that take advantage of their trusting nature and impulse to accept more risk for a presumed reward,” researchers claim.
That can lead to problems, and here’s why: games are complex software that includes software that connects hardware to software, known as drivers. Vulnerabilities in drivers can lead to privileged access to a computer system. Some game drivers contained vulnerabilities and were patched by game creators. But older versions of these drivers persist on the internet.
“Through trickery and psychology, cybercriminals “socially engineer” gamers into installing vulnerable drivers that are compromised by other software within cheats and cracks. In turn, that leads to compromise and infection of computer systems. And that could lead to stolen personal information as well as account takeovers and loss of virtual goods,” Norton Labs claimed.
More from CyberNews:
XXI century mafia: criminal enterprises at the heart of ransomware
New leak reveals: global governments exploit the Pegasus cyber-surveillance tool
New ransomware group Hive leaks Altus group sample files
Ransomware evil: does REvil stand up to its name?
The evolving ransomware landscape
Multiple US energy firms attacked with ransomware in the past 12 months – report
The rise of makeshift ransomware: what is Epsilon Red and should you worry about it?
Subscribe to our newsletter
