NortonLifeLock wants to educate you on cybersecurity

Norton Labs’, the global research team for NortonLifeLock (NASDAQ: NLOK) published its quarterly Consumer Cybersecurity Pulse Report provide information on cybersecurity from April to June 2022.

The company used its Global Threat Telemetry to produce the analysis, which includes findings on how cybercriminals are using social media phishing attacks to steal people’s private information. Norton Labs put aside an entire year of phishing attacks on the biggest social media platforms and found many fake login pages designed to trick victims into revealing their login credentials, but also other tricks more recent and innovative that went beyond a technique.

“Threat actors use social media for phishing attacks because it’s a low-effort, high-return way to target billions of people around the world. As social media is closely linked to our daily lives, it is essential to know how to spot the signs of a scam and to keep a close eye on the origin of requests for information. Better yet, consider strong, multi-layered security that can be on the prowl,” said Darren Shou, chief technology officer, NortonLifeLock.

NortonLifeLock is dedicated to consumer cybersecurity, striving to protect people and give them the confidence to live their digital lives safely. The Company’s products include cyber security suites, antivirus and others.

Norton Labs has found the top tactics hackers use to trick victims into revealing personal information, and while classic login phishing remains number one, hackers are increasingly savvy in finding new ways to trick social media users to disclose the information. Some of these tactics include lockouts or making a victim’s account look like it has been locked, tricking victims into revealing their credentials or installing malware on the promise of more subscribers. Also, verified badge scams, in which a user will be forced to log in to acquire and not lose their verified status on the platform.

Cybersecurity in numbers:

From April to June 2022, Norton stopped more than 900 million threats, or about 10 million threats every day. Norton blocked:

  • 22.6 million phishing attempts
  • 103.7 million file threats
  • 302,000 mobile threats
  • 78,000 ransomware attacks

Another popular phishing campaign involves intercepting temporary codes to break into profiles using two-factor authentication (2FA). These tokens are usually connected via an app or other service to the victim’s device and allow the scammer to perform actions such as changing personal data or changing login credentials.

Scammers have also taken advantage of student opportunities and financial needs by offering fake scholarships and financial aids.

The most pernicious fraud discovered by Norton involves the payment app Zelle.

Zelle typically appears on mobile devices or on a bank’s website as a way to send instant payments from one bank account to another. The recipient does not need to accept or acknowledge the payment, and the sender is simply prompted for confirmation before sending. Once payment is made, however, there is no way to get the money back.

It’s a convenient way to pay your friends, but it’s just as convenient for hackers and scammers to trick people into emptying their bank accounts.

The two types of fraud detected by NortonLifeLock involving Zelle are:

Zelle + social engineering:

It starts with a text message alerting victims to activity like a large transfer from their bank account. The victim replies that she did not know and receives a callback from a bogus bank representative. The attack weaves an elaborate story to convince the victim to associate their phone number with an account controlled by the hacker, who then asks the victim to transfer all their money through Zelle to the phone number to secure it. Then the attacker disappears.

Zelle as a tool:

Another method is to break into your bank account using phishing or malware, which gives the hacker free rein to log in and transfer money from your account to theirs and then disappear. Zelle is used as a tool to quickly transfer money, and that money is gone.

The takeaway, according to Norton, is not to respond to any text messages or phone calls regarding Zelle.