Fake tech support and survey scams are among the biggest current phishing threats to Aotearoa's internet users, according to a new report.
NortonLifeLock's latest Consumer Cyber Safety Pulse Report analysed global data from April - June this year, examining a total of 23.7 million phishing attempts.
It found an increase in scams specifically designed to trick unsuspecting consumers to share personal information or engage in behaviour that puts their privacy at risk.
The top three phishing scams in Q2 2021 were:
- Survey scams e.g. an Amazon shopper survey designed to collect personal information in exchange for unrealistic rewards
- Technical support scams e.g. a Microsoft-themed scam capitalising on users' fear of not being protected online
- Supplement scams e.g. a scam offering amazing weight-loss results designed to get credit card details.
"Scammers are masters in exploiting human emotions to put you into a state of panic," says Marcel Feller, principal security researcher at Norton Labs.
"When you’re in that state, you're more likely to comply with anything the scammer wants."
During the three months covered in the report, Norton blocked a total of 909 million threats, the company said. That included 56 million pieces of malware and over 85,000 ransomware attempts.
Working from home due to COVID-19 has had an impact on the format of the phishing attacks, but as the world opens up the types seen are expected to diversify again.
"Cybercriminals often take advantage of current events to make their scams more convincing," says Darren Shou, head of technology, NortonLifeLock.
"We anticipate scammers will pivot to tailor their phishing attempts to tie into themes like travel and back-to-school."
Norton also investigated other threats to Kiwis online which they consider "unseen" by the majority of users, including encrypted chat marketplaces e.g. stolen goods being offered for sale over Telegram, as well as threats to gamers.
In the latter, people who play games online can look to gain additional advantages over opponents such as automatic aiming hacks for first-person shooter games. Others may seek 'cracks' - pieces of software that allows them to play games they haven't paid for.
Sites that offer that type of software can include vulnerable drivers, and are often accompanied by instructions to disable any security software running in order to do so.
"Through trickery and psychology, cybercriminals 'socially engineer' gamers into installing vulnerable drivers that are compromised by other software within cheats and cracks," Norton said.
"In turn, that leads to compromise and infection of computer systems. And that could lead to stolen personal information as well as account takeovers and loss of virtual goods."