Latest Norton Consumer Cyber Safety Pulse Report Unveils Top Phishing Scams
New Threats Observed Across Encrypted Chat Marketplaces, Online Cookies,
and Vulnerable Gaming Drivers
NortonLifeLock’s global research team Norton Labs today published its second quarterly Consumer Cyber Safety Pulse Report, detailing the top consumer cybersecurity insights and takeaways from April to June 2021. Leveraging the company’s global threat telemetry, the analysis reveals the three most common phishing scams, in addition to new threats in encrypted chat marketplaces, online cookies, and vulnerable gaming drivers.
Norton thwarted 23.7 million phishing attempts between April and June 2021, with tech support scams, survey scams and supplement scams ranking as the top types of phishing scams seen. These scams are specifically designed to trick unsuspecting consumers to share personal information or engage in behavior that puts their privacy at risk.
“Cybercriminals often take advantage of current events to make their scams more convincing,” says Darren Shou, head of technology, NortonLifeLock. “As the world begins to open up, we anticipate scammers will pivot to tailor their phishing attempts to tie into themes like travel and back-to-school.”
Over the past quarter, Norton blocked 909 million Cyber Safety threats in total, including 56 million file-based malware, 405,710 mobile-malware files, and 85,339 ransomware detections.
Additional findings from the report include:
· Online tracking ecosystem is much larger and more sprawling than generally understood: Amid intensifying privacy concerns and legislative action pushing for companies to limit the data they collect on online users, Norton discovered the online cookie ecosystem is much larger than previously understood, with greater potential for privacy violations. The analysis identified as many as 171,140 organizations that are involved in the creation and sharing of cookies, a figure that is 2.5x more than generally understood.
· Encrypted chat app is doubling as illegal marketplace: Cybercriminals are exploiting a popular chat app’s encryption capability to sell illegal goods – everything from COVID-19 vaccines and personal information, to pirated software and fake IDs. Research also found cybercriminals are selling tools and services to facilitate cybercrime, such as distributed denial-of-service (DDoS) infrastructure.
· Vulnerabilities in drivers expose new threat to gamers: Cybercriminals are devising social engineering schemes that play into gamers’ hyper-competitive spirits and are tricking gamers into installing compromised drivers on their PCs. This in turn infects their computer systems, which can lead to stolen personal information, account takeovers, and even loss of virtual gaming swag.
For more information and Cyber Safety guidance, visit the Norton Internet Security Center.
About NortonLifeLock Inc.
NortonLifeLock Inc. (NASDAQ: NLOK) is a global leader in consumer Cyber Safety, protecting and empowering people to live their digital lives safely. We are the consumer’s trusted ally in an increasingly complex and connected world. Learn more about how we’re transforming Cyber Safety at www.NortonLifeLock.com.
Consumer Cyber Safety Pulse Report – From Norton Labs (Blog Article)
What you need to know about threats you see and those you don’t
Your inbox and spam folder can provide a glimpse of scams and threats that put your Cyber Safety at risk.
Chances are, you’ll experience your share of phishing messages — the No. 1 threat to your Cyber Safety.
Phishing messages are designed to trick you into providing personal information or engaging in dangerous behavior.
Norton Labs monitors online threats to help keep you Cyber Safe. That includes phishing emails and text messages. The team keeps a running report ranking the top phishing scams.
What happened: We crunched the numbers based on the past three months. These types of phishing attempts rose to the top.
Here are the top 3.
1. Survey scams. Below is an example of an Amazon shopper survey phishing lure designed to collect personal information in exchange for unrealistic reward.
2. Technical support scams. The Microsoft-themed tech support scam phishing lure example below capitalises on the fear of not being protected against cybersecurity threats.
3. Supplement scams. The example below is a too-good-to-be-true weight-loss-themed phishing lure, designed to capture credit card details
It’s worth noting that phishing attempts sometimes succeed because they prey on desires and fears.
Quote: “Scammers are masters in exploiting human emotions to put you into a state of panic,” says Marcel Feller, Principal Security Researcher at Norton Labs. “When you’re in that state, you’re more likely to comply with anything the scammer wants.”
What’s ahead: In the next three months, Norton Labs anticipates notable threats to security and privacy, including those tied to increased travel and leveraging pandemic themes.
· Phishing scams
· Ransomware attacks
· Supply chain attacks
The look back: Consumer Cyber Safety threats by the numbers
NortonLifeLock technology blocks more than 9 million threats on average every day. Here’s a closer look at the numbers over the past 100 days, according to the Norton Labs team.
• 909 million Total threats blocked.
• 23.69 million Phishing attempts blocked.
• 55.97 million File-based malware blocked.
• 405,710 Mobile-malware files blocked.
• 85,339 Ransomware detections blocked.
Unseen threats: The other way we help you stay Cyber Safe
The Norton Labs team gathers more than just data. The team also investigates threats that exist outside the view of most consumers.
Like what? Here are three examples of unseen threats, based on Norton Labs research. Learn how they work, and how you can avoid them.
• 1. Encrypted chat marketplaces. Your mainstream app could take a dark-web turn.
• 2. Online tracking and cookies. You know you’re being followed, but not like this.
• 3. Gaming threats – vulnerable drivers. How gamers can lose their “edge” fast.
Encrypted chat marketplaces
More than 3 billion people worldwide use chat apps. Most of them make quick communication easy. Some of them can enable criminal activity. Here’s what we found.
Background: Telegram is a full-featured encrypted chat app popular around the world. It’s possible to build bots on Telegram, which opens a world of possibilities, like accepting payments from other Telegram users or connecting people based on common interests or proximity.
How it works: Cybercriminals list a variety of illicit goods on Telegram. Here’s a partial list:
• COVID vaccines.
• Counterfeit luxury goods like purses and watches.
• DDoS (distributed denial of service) for hire.
• Stolen credit cards.
Buyers and sellers transact anonymously through Bitcoin.
Trust in the marketplace is created by having a reviewing mechanism — “rate our drugs 5 stars” — and escrow and dispute resolution services are included.
This is a leap forward for illegal marketplaces, which were previously relegated to the dark web. Now they’ve come onto the relatively open web to try to cultivate a new, and possibly younger, audience.
Advice for consumers: Avoid buying illegal goods anywhere on the internet, including on Telegram.
Learn more: Check out the paper “Encrypted chat apps doubling as illegal marketplaces.”
Online tracking and cookies
Cookies are small bits of code that track your activity online. Sounds simple, but there’s a lot more to it. Our research illuminated the “tracking ecosystem,” and it’s a lot bigger than you might think.
Background: Web-user tracking has fueled privacy concerns and legislative action. We looked under the hood of web pages and captured the entire life cycle of cookies, from their creation to all the operations they were later involved in.
Our analysis painted a detailed picture of the tracking ecosystem. We discovered an intricate network of connections between players that reciprocally exchange information and include each other’s content in web pages — sometimes without even the web page owners’ knowledge.
How it works: Our study collected fine-grained details of 138 million cookies. To investigate cookie lifecycles in-depth, we introduced the concepts of cookie trees, creation and sharing chains. This enabled us to capture the dependencies and relationships between entities.
We uncovered an astonishing number of organisations and relationships. Here are two examples:
• The analysis of cookie trees identified as many as 171,140 organisations that are involved in the creation and sharing of cookies. That’s 2.5 times more than generally understood.
• The analysis also identified 809,179 relationships, nearly 4-½ times more than generally understood.
Bottom line: The research underscores the ongoing concern about cookies and privacy issues.
Advice for consumers: It’s smart to consider the cookie ecosystem tracking data might be shared. The good news: Cookie trees and information flows offer a systematic way to better understand the tracking ecosystem. And that can lead to greater understanding of your online privacy.
Learn more: Read the full report “Journey to the center of the cookie ecosystem” or check out the blog post.
Threats in gaming – vulnerable drivers
Gaming is booming. So is cybercrime. It’s not surprising that cybercriminals are finding new ways to target gamers. That includes appealing to the competitive spirit of gamers who are willing to stretch the rules to beat opponents. Here’s what we found.
Background: Some gamers seek ways of getting an edge over other players, such as automatic aiming in first-person player-vs-player games. These advantages are known as cheats.
Some gamers also seek out software that lets them play games they haven’t paid for. These are known as cracks.
Installing cheats and cracks exposes users to enhanced threats that take advantage of their trusting nature and impulse to accept more risk for a presumed reward. That can lead to problems, and here’s why.
Games are complex software that include software that connects hardware to software, known as drivers. Vulnerabilities in drivers can lead to privileged access to a computer system. Some game drivers contained vulnerabilities and were patched by game creators. But older versions of these drivers persist on the internet.
How it works: Sites offer cheats and cracks that included vulnerable drivers. The sites offer detailed installation instructions, which include how to disable security software. That’s how they thwart mechanisms that prevent installation of these drivers.
Through trickery and psychology, cybercriminals “socially engineer” gamers into installing vulnerable drivers that are compromised by other software within cheats and cracks. In turn, that leads to compromise and infection of computer systems. And that could lead to stolen personal information as well as account take overs and loss of virtual goods.
Advice for consumers: Don’t disable your security software. It exists to protect against these types of threats. Also, take care to only install software from trusted sources.
Norton Labs continues to track scams and threats targeting consumers. Expect the pandemic theme to continue, but other world events will likely have an impact too.
Find out more when we publish our next Consumer Cyber Safety Pulse Report in October.