AI is now a game-changer for cybercriminals, who are leveraging it to craft increasingly sophisticated attacks. According to the latest Q2/2024 Gen Threat Report by Gen™, the global leader in consumer Cyber Safety, AI-powered scams, digital identity theft, and ransomware have become the top threats for consumers. This quarterly report provides a comprehensive overview of the emerging dangers consumers face and emphasizes the need for increased vigilance in an ever-evolving digital world.
AI Supercharges Cybercriminals’ Toolkits
In the second quarter of 2024, Gen’s research shows a notable increase in the use of AI by cybercriminals. From April to June, AI was at the heart of many cyber scams, enabling attackers to create more convincing and deceptive schemes. “Cybercriminals are expanding their toolkits with even more uses of AI to strengthen their attacks,” said Siggi Stefnisson, Chief Technology Officer at Gen. The accessibility of AI allows bad actors to elevate their attacks by using realistic deepfakes of celebrities, images, and videos, making scams harder to detect.
One emerging trend is the use of AI to exploit high-profile events and global news to attract victims. In one prominent case, a scam group used deepfakes during the SpaceX Starship flight test in June, resulting in $1.4 million stolen through phony cryptocurrency giveaways. These scams, hosted on compromised YouTube accounts, demonstrate the power of AI in making fraudulent campaigns more convincing and financially damaging.
AI in Phishing and Job Scams: From Text to Voice
As economic pressures weigh on consumers, cybercriminals have found new ways to exploit financial insecurity. A significant development this quarter was the use of AI-generated voices in scams offering part-time jobs with the promise of quick earnings. What starts as a simple task—like promoting goods on social media—quickly escalates, as scammers manipulate victims into transferring money. AI adds a new layer of realism to these cons, making it easier for criminals to build trust with their targets through convincing, human-like communications.
This rise of voice-driven scams marks a significant shift from traditional text-based phishing attacks, demonstrating how AI is enhancing old fraud techniques to devastating effect. Deepfakes of celebrities promoting fake cryptocurrency investments, alongside AI-powered voice communications, show the adaptability of cybercriminals in an AI-driven world.
Digital Identity Theft: The New Gold Rush
Another alarming trend from the report is the surge in digital identity theft. As large-scale data breaches continue to rise in 2024, cybercriminals are turning to more direct methods, such as using InfoStealers and Mobile Bankers, to gain access to sensitive personal data. Instead of buying compromised information on the dark web, attackers are now deploying malware that directly steals login credentials, financial information, and session cookies from devices.
In particular, Mobile Bankers like TeaBot have emerged as a serious threat. Disguised as legitimate apps like PDF readers, these malicious programs target mobile banking users, stealing cryptocurrency wallets and other sensitive credentials. Spyware like XploitSpy also poses a significant risk, enabling hackers to monitor users through their smartphones by accessing files, cameras, and microphones.
The Revival of Fake Antivirus Scams
Not all threats rely on cutting-edge AI. In Q2, Gen observed the return of classic antivirus scams that were prominent in the late 2000s. These scams use aggressive pop-ups that mimic legitimate antivirus software, tricking consumers into believing their device is infected. Scammers exploit the Windows notification system to make their fake alerts appear as credible system messages, prompting victims to purchase fake software. While the tactics are familiar, the execution has become more sophisticated, often leveraging AI to make the scams more convincing.
Ransomware Attacks Spike Globally
Ransomware remains a growing threat to consumers, with a 24% rise in attacks from the previous quarter. Gen’s telemetry data reveals significant spikes in ransomware infections in countries like India, which saw a 379% increase, followed by notable upticks in the United States, Canada, and the United Kingdom.
What makes ransomware especially dangerous for consumers is their relative lack of protection compared to larger organizations. Many ransomware attacks target individuals through pirated content or malicious downloads, leading to data loss and extortion demands. Despite law enforcement efforts to combat ransomware groups like LockBit, these attacks persist, driven by the lucrative returns they offer cybercriminals.
To counter this rising tide, Gen continues to provide free decryption tools, such as the recently released Avast DoNex Ransomware Decryptor, which helps victims recover their data without paying ransoms. Collaboration between cybersecurity companies and government agencies remains critical in the ongoing fight against ransomware.
Consumer Protection: Staying Vigilant
In light of these threats, Gen urges consumers to stay informed and take proactive steps to safeguard their digital identities. With AI-fueled scams on the rise and ransomware operators targeting individuals, robust security practices are more important than ever. Gen’s network, which blocked over a billion unique attacks per month in Q2, highlights the scale of the challenge but also demonstrates the effectiveness of using advanced cybersecurity tools.
Stefnisson notes, “We urge consumers to stay informed and alert. We will continue to provide the latest knowledge and tools needed to be safer despite the evolving threat landscape.” Consumers are encouraged to:
- Enable multifactor authentication (MFA): MFA significantly reduces the likelihood of account compromise by adding an extra layer of security.
- Be cautious with unsolicited job offers: Scammers are capitalizing on financial insecurity, so it’s essential to verify the legitimacy of job opportunities.
- Avoid pirated content: Many ransomware infections stem from downloads of pirated media. Stick to legitimate sources to minimize risk.
- Regularly back up data: Ensuring you have a backup of important files can protect you from ransomware-related data loss.
Final Thoughts
Gen’s Q2/2024 Threat Report underscores the growing sophistication of cybercriminals, who are increasingly leveraging AI to enhance their attacks. As scams become more convincing, digital identity theft more targeted, and ransomware more prevalent, consumers must remain vigilant. By staying informed, using advanced cybersecurity tools, and adopting proactive digital safety habits, individuals can protect themselves against the rapidly evolving threat landscape.