SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Story image
Tech support scams among top phishing attacks
Tue, 27th Jul 2021
FYI, this story is more than a year old

Tech support scams, survey scams and supplement scams are amongst the top phishing scams from for the last three months to June 2021, according to new research from Norton Labs.

Norton Labs has published its second quarterly Consumer Cyber Safety Pulse Report, detailing the top consumer cybersecurity insights and takeaways from April to June 2021.

Leveraging the company's global threat telemetry, the analysis reveals the three most common phishing scams, in addition to new threats in encrypted chat marketplaces, online cookies, and vulnerable gaming drivers.

According to the report, Norton thwarted 23.7 million phishing attempts between April and June 2021, with tech support scams, survey scams and supplement scams ranking as the top types of phishing scams seen. These scams are specifically designed to trick unsuspecting consumers to share personal information or engage in behaviour that puts their privacy at risk.

"Cybercriminals often take advantage of current events to make their scams more convincing," says Darren Shou, head of technology, NortonLifeLock.

"As the world begins to open up, we anticipate scammers will pivot to tailor their phishing attempts to tie into themes like travel and back-to-school," he says.

Over the past quarter, Norton blocked 909 million Cyber Safety threats in total, including 56 million file-based malware, 405,710 mobile-malware files, and 85,339 ransomware detections.

Additional findings from the report include: 
Online tracking ecosystem is much larger and more sprawling than generally understood: Amid intensifying privacy concerns and legislative action pushing for companies to limit the data they collect on online users, Norton discovered the online cookie ecosystem is much larger than previously understood, with greater potential for privacy violations. The analysis identified as many as 171,140 organisations that are involved in the creation and sharing of cookies, a figure that is 2.5x more than generally understood.

Encrypted chat app is doubling as illegal marketplace: Cybercriminals are exploiting a popular chat apps encryption capability to sell illegal goods everything from COVID-19 vaccines and personal information, to pirated software and fake IDs. Research also found cybercriminals are selling tools and services to facilitate cybercrime, such as distributed denial-of-service (DDoS) infrastructure.

Vulnerabilities in drivers expose new threat to gamers: Cybercriminals are devising social engineering schemes that play into gamers hyper-competitive spirits and are tricking gamers into installing compromised drivers on their PCs. This in turn infects their computer systems, which can lead to stolen personal information, account takeovers, and even loss of virtual gaming swag.