Norton Labs, has released its quarterly Consumer Cyber Safety Pulse Report, detailing the top consumer cybersecurity threats and insights from July through September 2022. Leveraging the company’s global threat telemetry, the report includes an analysis of the most recent ways cybercriminals are putting privacy and security at risk. Norton telemetry for the month of September in India shows there were 4.7 million blocks in that 30 day period, to deal with the level of threat.
Norton Labs analyzed recent attacks on top companies that were compromised through stolen login credentials. While these campaigns aimed to steal the information that could later be monetized against victims, the goal was to undermine the trusted technologies used to send automated emails, authentication codes and an entire company’s single sign-on.
Jeff Nathan, Technical Director and Researcher, NortonLifeLock, said, “Cybercriminals have become experts at catching one-time codes used in most two-factor authentication and they know that by undermining the systems that send the codes, their efforts are even more effective,” “Consumers should use FIDO U2F tokens everywhere they can, as they aren’t susceptible to these phishing attacks.”
Cybercriminals are also turning to scam e-shops offering electronics, jewellery, clothes, and everything-in-between to lure victims. These sites often seem legitimate with polished storefronts, positive reviews, ties to social media accounts and more. However, once you place an order, you may receive a counterfeit item or nothing at all. Norton Labs warns shoppers to watch out for prices that may be too good to be true, be wary of sites that request unusual payment-processing methods and to beware of social media ads and unsolicited messages. Using a URL lookup tool like Norton Safe Web can also let shoppers know if a site is already known to be a malicious/scam domain.
Another alarming discovery from Norton Labs is that 80 percent of websites share search terms with advertisers either accidentally or deliberately. Trackers can gain information from website visits, such as a user’s IP address, the website’s content, domain and more. This offers third parties a user’s search terms which can include sensitive information like medical concerns or family and legal situations. Advertisers may then use these characteristics to target ads in unexpected or potentially uncomfortable ways.
