Hidden ways to compromise online privacy and security
A new report from Norton reveals the latest scams used by cybercriminals over the past quarter, with phishing scams taking the top spot.
Norton Labs, NortonLifeLock’s global research arm, used the company’s global threat telemetry for its quarterly Consumer Cyber Security Pulse Reportwhich details the most common consumer cybersecurity threats and statistics from July to September 2022.
According to Norton Labs, more than 9.5 million blocks were detected in Australia this September in this 30-day period to combat this level of threat. Researchers analyzed recent attacks on leading companies that were compromised through stolen login credentials.
These campaigns were designed to steal information that could then be monetized against victims. The goal was to undermine the trusted technologies used to send automated emails, authentication codes, and the entire company‘single entry
- 303,266 million phishing attempts
- 577,438 million file threats
- 1432 thousand mobile threats
- 39 thousand ransomware attacks
According to Jeff Nathan, CTO and researcher at NortonLifeLock, consumers should use FIDO U2F tokens wherever they can because they are not susceptible to these phishing attacks.
“Cybercriminals have become experts at capturing the one-time codes used in most two-factor authentication, and they know that by subverting the systems that send the codes, their efforts are even more effective.” Nathan added.
Cybercriminals also turn to fraudulent e-commerce stores that offer electronics, jewelry, clothing, and more to lure victims.
These sites often appear legitimate with fancy storefronts, positive reviews, links to social media accounts, and more. When you place an order, you may receive a counterfeit product or nothing at all.
According to the US Federal Trade Commission, there were 397,826 reports of online shopping fraud in 2021, with losses totaling $392 million.
Norton Labs warns buyers to be on the lookout for prices that may be too good to be true, to beware of sites that require unusual payment processing methods, and to beware of social media ads and unsolicited messages. Using a URL lookup tool like Norton Safe Web can also tell buyers if a site is already known to be a malicious or fraudulent domain.
Another alarming finding by Norton Labs is that 80 percent of websites provide search terms to advertisers either accidentally or on purpose.
Norton Labs researchers added that the trackers can collect information about website visits, such as the user’s IP address, website content, domain, and more.
This suggests to third parties user search terms that may contain sensitive information, such as medical problems or family and legal situations. Advertisers can then use these characteristics to target ads in unexpected or potentially uncomfortable ways.
[Related: Germany’s cyber security chief sacked due to ‘Russia ties’]