Hackers are tricking victims into scam-yourself attacks with fake tutorials, CAPTCHAs, and updates

Fraud
(Image credit: Shutterstock / Sapann Design)

  • AI continues to play a dual role in cybersecurity
  • Lumma Stealer rises 1154%, marking a new malware peak
  • Outdated systems remain vulnerable to ransomware

In its recent Q3 2024 Threat Report, Gen highlights alarming trends that reveal the rising complexity of cyber threats, highlighting that as cybercriminals refine their methods, the dual role of AI becomes evident.

While AI can be weaponized to enhance attacks by proliferating realistic deepfakes and highly convincing phishing campaigns, AI tools also serve as a crucial defense mechanism.

With cyber threats becoming more sophisticated and harder to detect, awareness and proactive measures are essential for safeguarding sensitive information.

Social engineering tactics take center stage

Cybercriminals increasingly use social engineering tactics to deceive millions into compromising their security. Quarter-over-quarter, there has been a 614% rise in “Scam-Yourself Attacks” which use psychological manipulation to trick individuals into unintentionally installing malware on their own devices.

Attackers will use fake tutorials shared on popular platforms like YouTube that claim to provide free access to paid software, enticing users to follow the instructions. However, the victims inadvertently download malicious programs instead.

Another tactic, known as ClickFix Scams, deceives victims by presenting fake technical solutions and then instructing users to copy and paste malicious code into their command prompts, unknowingly granting attackers control of their systems.

Similarly, fake CAPTCHA prompts have emerged disguised as standard verification steps, prompting users to paste harmful code into their systems. Fake updates that present themselves as essential software updates are being sent to users loaded with malware disguised to gain administrative privileges once installed.

Data-stealing malware and ransomware has seen an uptick with information stealers rising by 39%. The Lumma Stealer for example increased its activity by 1154%.

Ransomware attacks also surged, with a 100% increase in risk ratio, with the Magniber ransomware leading these attacks by exploiting unpatched software to gain access. Outdated systems, such as Windows 7, remain particularly vulnerable, however Gen has worked with governments to release free decryption tools like the Avast Mallox Ransomware Decryptor.

Mobile devices also suffered rises in data-stealing malware attacks, which grew by 166% during Q3/2024. A new spyware strain, NGate, emerged, capable of cloning bank card data to withdraw money or conduct unauthorized transactions. Meanwhile, banking malware, such as Rocinante, increased by 60%, with new strains like TrickMo and Octo2 surfacing.

In terms of delivery, malicious SMS messages remain the primary delivery method. Telemetry from Norton Genie shows that smishing (malicious SMS scams) accounts for 16.5% of observed attacks, followed by lottery scams (12%) and phishing emails/texts (9.6%).

You may also like

TOPICS
Efosa Udinmwen
Freelance Journalist

Efosa has been writing about technology for over 7 years, initially driven by curiosity but now fueled by a strong passion for the field. He holds both a Master's and a PhD in sciences, which provided him with a solid foundation in analytical thinking. Efosa developed a keen interest in technology policy, specifically exploring the intersection of privacy, security, and politics. His research delves into how technological advancements influence regulatory frameworks and societal norms, particularly concerning data protection and cybersecurity. Upon joining TechRadar Pro, in addition to privacy and technology policy, he is also focused on B2B security products. Efosa can be contacted at this email: udinmwenefosa@gmail.com

Read more
ransomware avast
“Every organization is vulnerable” - ransomware dominates security threats in 2024, so how can your business stay safe?
ransomware avast
Ransomware, deepfakes, and scams: the digital landscape in 2024
Cartoon Phishing
Hackers use GenAI to attack more frequently and effectively
A digital representation of a lock
Exploits on the rise: How defenders can combat sophisticated threat actors
A padlock resting on a keyboard.
AI-powered cyber threats demand enhanced security awareness for SMEs and supply chains
A stylized depiction of a padlocked WiFi symbol sitting in the centre of an interlocking vault.
Sounding the alarm on AI-powered cybersecurity threats in 2025
Latest in Security
Webex by Cisco banner on a Chromebook
Cisco warns some Webex users of worrying security flaw, so patch now
Red padlock open on electric circuits network dark red background
AI-powered cyber threats are becoming the biggest worry for businesses everywhere
Woman using iMessage on iPhone
Apple to take legal action against British Government over backdoor request
Red padlock open on electric circuits network dark red background
Aviaton firms hit by devious new polyglot malware
A laptop with a red screen with a white skull on it with the message: "RANSOMWARE. All your files are encrypted."
Major ransomware attack sees Tata Technologies hit - 1.4TB dataset with over 730,000 files allegedly stolen
Image of laptop infected with malware
Ransomware criminals are now sending their demands...by snail mail?
Latest in News
A hand holding a phone showing the Android Find My Device network
Android's Find My Device can now let you track your friends – and I can't decide if that's cool or creepy
Insta360 X4 360 degree camera without lens protector
Leaked DJI Osmo 360 image suggests GoPro and Insta360 should be worried – here's why
A YouTube Premium promo on a laptop screen
A cheaper YouTube Premium Lite plan just rolled out in the US – but you’ll miss out on these 4 features
Viaim RecDot AI true wireless earbuds
These AI-powered earbuds can also act as a dictaphone with transcription when left in their case
The socket interface of the Intel Core Ultra processor
Intel unveils its most powerful AI PCs yet - new Intel Core Ultra Series 2 processors pack in vPro for lightweight laptops and high-performance workstations alike
An Nvidia GeForce RTX 5070
Nvidia confirms that an RTX 5070 Founders Edition is coming... just not on launch day