Gen Reports 614% Rise in Command Prompt Manipulation Scams
Social engineering attacks targeting technology users have reached record levels in 2024, as cybercriminals shift their focus from technical exploits to psychological manipulation. These attacks, which exploit users’ willingness to follow online instructions and tutorials, reflect a shift in the cybersecurity landscape, where attackers increasingly target human behaviour rather than technical vulnerabilities.
With this approach proving effective as users seek online solutions for software and technical problems – and often encountering malicious content disguised as legitimate help – Gen, the cybersecurity company behind Norton and Avast antivirus software, has documented a significant increase in attacks where cybercriminals exploit users’ technical problem-solving instincts to compromise their systems.
Norton Genie data shows evolution of social engineering
The company's Q3 2024 threat report identifies a 614% increase in what it terms ‘scam-yourself attacks’, where users are manipulated into entering malicious code into their command prompts – a text-based interface used to execute commands on a computer system.
“In July through September, scams continued to dominate the threat landscape, while data-theft abusing malware and ransomware also increased rapidly,” says Siggi Stefnisson, Cyber Safety CTO at Gen.
These attacks frequently manifest through YouTube tutorials that promise free versions of paid software, fake technical support guides that prompt users to input harmful commands, and fraudulent CAPTCHA verification systems – the verification boxes that ask users to identify images or text to prove they are human.
The fraudulent tutorials often include fake software update notifications that guide users to paste malicious scripts into their systems, granting attackers administrative privileges.
Gen, which owns consumer cybersecurity brands including Avast, LifeLock, Avira, AVG, ReputationDefender and CCleaner, serves nearly 500 million users across 150 countries.
Lumma Stealer leads surge in information theft
The report identifies a 39% increase in data stealing malware, with one variant called Lumma Stealer – software designed to harvest sensitive information including passwords and cryptocurrency wallet data – showing an 1,154% increase in deployment.
- 614% rise in "scam-yourself attacks" in Q3 2024
- 1,154% increase in Lumma Stealer malware deployment
- 166% growth in mobile spyware targeting screen activity
Gen’s research found that ransomware attacks have doubled their risk ratio – a metric measuring potential impact per user. The Magniber strain emerged as the primary ransomware threat, with systems running Windows 7 proving particularly vulnerable.
Gen researchers are working with governments globally to combat ransomware by providing free decryption tools for victims – with the company recently releasing a ransomware decrypting tool for Avast Mallox.
Mobile threats target financial services
On mobile devices, spyware capable of recording screen activity increased by 166%. A new strain called NGate emerged, which clones contactless payment data from bank cards to facilitate unauthorised ATM withdrawals.
Banking malware, which targets banking credentials, rose by 60% quarter-over-quarter. The Rocinante malware family led this trend, accompanied by new variants TrickMo and Octo2.
The report identifies malicious SMS messages as a common delivery method for mobile threats. Avast continues to enhance its mobile-specific defences as consumers increase their reliance on mobile devices for financial transactions.
AI-enhanced defences combat sophisticated threats
Gen reports that cybercriminals are increasingly using AI to enhance social engineering campaigns, including the creation of deepfake content and personalised phishing messages.
Norton’s AI-powered scam detection data reveals that SMS-based phishing attempts, known as smishing, represent 16.5% of detected scams. These messages impersonate banks, delivery services and government agencies. Lottery scams account for 12% of detected threats, while package delivery scams comprise 9.6%. Fake invoices represent 7.7% of detected scams.
In July through September, scams continued to dominate the threat landscape, while data-theft abusing malware and ransomware also increased rapidly.
The company's Norton Genie App uses AI to provide real-time threat detection against AI-enhanced deception attempts. This telemetry data enables Gen to refine its protection systems.
"Our consistent focus is to empower people with the tools they need, such as the Norton Genie scam detector, so they can protect their digital lives as threats evolve,” says Stefnisson.
Explore the latest edition of Cyber Magazine and be part of the conversation at our global conference series, Tech & AI LIVE and Cyber LIVE.
Discover all our upcoming events and secure your tickets today.
Cyber Magazine is a BizClik brand
- Darktrace to Acquire Cado Security in Cloud Defence PushCloud Security
- BCG Global Cyber Leader: How Gen AI Breaks Security DefencesTechnology & AI
- Splunk: CISOs Face Mental Health Crisis Amid Cyber AttacksCyber Security
- Darktrace Reports 692% Surge in Black Friday Cyber ScamsCyber Security