‘Scam-Yourself’ Attacks Are Rapidly Evolving Threats In A Threat-Weary World: Report
These attacks are designed to “trick” users into compromising their systems.
A new report released Tuesday reveals yet another cybersecurity threat that is a cause for concern: so-called “scam-yourself” attacks.
Cyber safety company Gen released its Q3 2024 threat report. According to the report, “scam-yourself” attacks rose 614 percent quarter-over-quarter, making them among the most rapidly evolving cyber threats.
What Are ‘Scam-Yourself’ Attacks?
Gen’s report describes “scam-yourself” attacks as social engineering designed to “trick” users into compromising their systems.
Some of these tactics include fake tutorials and online guides. The report gives the example of a user clicking on what they think may be a software installer. The installer files could include a README file with code disabling antivirus protection.
In another example, a user could innocently click on a YouTube tutorial video, be directed to download some software under the guise of help or a fix, and download malware instead.
ClickFix scams are another form of “scam-yourself” attack, in which a user is instructed to enter code at a command prompt under the guise of fixing some computer issue. That code typically allows a threat actor to take over the user’s computer.
CAPTCHA scams are another type of self-imposed user attack. They employ fake CAPTCHAs that copy malicious code to a user’s clipboard and instruct the user to install code, which is actually malware, onto their device. According to the report, security company Norton said that over 2 million users worldwide were targeted with this scam just this past quarter.
Fake updates are another form, tricking users into thinking they are installing a needed software update when they are instead installing malicious software.
Other Report Highlights
Gen’s report detailed other current threats. Advanced Persistent Threats (APTs) are sophisticated hacks that allow a bad actor to target a device on a network and maintain a presence on that network that often goes undetected for a long time.
Some APTs cited in the report include the FudModule v3.0 rootkit exploit that injects a payload onto a target machine and can disable that device’s security defenses.
Botnets are being used by hackers to infiltrate machines on a network to gain remote control access, distribute spam, or launch DDoS attacks.
Information stealer attacks were pervasive in Q3, according to the report. One in particular, Lumma Stealer, an information-stealing malware available through Malware-as-a-Service (MaaS), increased its distribution by 1,154 percent this quarter.
Ransomware, Remote Access Trojans (RATs), crypto scams, phishing, and spyware are among the other active threats that Gen’s report pinpoints.