614% Rise In ‘Scam-Yourself Attacks’

Gen’s Q3/2024 report reveals a rise in “Scam-Yourself Attacks,” with increases in data theft, ransomware, and mobile spyware.

Gen Digital Inc., a global leader in consumer cybersecurity, released its Q3/2024 Threat Report on November 19, revealing a sharp rise in cybercriminal activities, including a staggering 614% increase in “Scam-Yourself Attacks.”

The report, based on data from millions of users worldwide, underscores how cybercriminals are rapidly adapting their tactics, using social engineering, AI, and deepfake technologies to make scams harder to spot.

Siggi Stefnisson, Cyber Safety CTO at Gen, said, “In July through September, scams continued to dominate the threat landscape, while data-theft abusing malware and ransomware also increased rapidly.”

Stefnisson continued, “Our consistent focus is to empower people with the tools they need, such as the Norton Genie scam detector, so they can protect their digital lives as threats evolve.”

“Scam-Yourself Attacks” are social engineering scams where cybercriminals trick individuals into installing malware on their own devices.

These attacks exploit people’s desire to learn new technologies or solve problems, like downloading software through fake tutorials or using ClickFix scams, where users are prompted to enter a command that gives cybercriminals control of their systems.

The report outlines several types of Scam-Yourself Attacks, including fake software updates, fake CAPTCHA prompts, and deceptive tutorials, all of which are designed to manipulate victims into allowing malware onto their devices.

Alongside the rise of scams, data-theft malware saw a significant increase in Q3/2024, with overall activity rising by 39%.

The Lumma Stealer malware, which targets sensitive information such as login credentials, cryptocurrency wallets, and browser data, increased its activity by a staggering 1154%.

Ransomware threats also escalated, with a 100% rise in risk ratio. The Magniber ransomware emerged as a leading threat, often exploiting outdated software like Windows 7 to gain access to systems.

Gen researchers continue to collaborate with governments worldwide to combat ransomware, offering free decryption tools for victims, including the recently released Avast Mallox Ransomware Decryptor.

On mobile devices, data-stealing malware also surged. Spyware increased by 166%, and a new strain, NGate, emerged, cloning bank card NFC data to make unauthorized withdrawals or payments.

Banking malware targeting credentials increased by 60%, with new strains like TrickMo and Octo2. These threats are often delivered through malicious SMS messages, reinforcing the need for strong mobile security.

Norton Genie, Gen’s AI-driven scam detector, adapts in real-time to detect AI-enhanced deception tactics.

Norton Genie’s 2024 telemetry data shows that after generic scams, smishing attempts—SMS messages impersonating banks, delivery services, or government agencies—are the most common (16.5%).

The report also showed that lottery scams and general phishing emails follow closely, emphasizing the growing complexity of digital threats.