Tech support scams are biggest phishing threat to consumers, says Norton Labs report

Bengaluru: Tech support scams, which often arrive as a pop-up alert convincingly disguised using the names and branding of major tech companies, have become the top phishing threat to consumers, according to a new report. Tech support scams are expected to proliferate in the upcoming holiday season, as well as shopping and charity-related phishing attacks, it said. NortonLifeLock’s global research team, Norton Labs, on Tuesday published its third quarterly Consumer Cyber Safety Pulse Report, detailing the top consumer cybersecurity insights and takeaways from July to September 2021. Norton said in a statement it blocked more than 12.3 million tech support URLs, which topped the list of phishing threats for 13 consecutive weeks between July and September. “The effectiveness of this type of scam has escalated during the pandemic due to consumers’ increased reliance on their devices to manage hybrid work schedules and family activities”, it said. Norton said it successfully blocked 17,214,929 cyber safety threats in India alone over the past quarter. Figures globally for the quarter reached nearly 860 million, including 41 million file-based malware, 309,666 mobile-malware files, nearly 15 million phishing attempts and 52,213 ransomware detections. Tech support scams are effective because they prey on consumers’ fear, uncertainty and doubt to trick recipients into believing they face a dire cybersecurity threat, said Darren Shou, head of technology, NortonLifeLock, a global leader in consumer cyber safety. Awareness is the best defense against these targeted attacks. Never call a number listed on a tech support pop-up, and instead reach out to the company directly through their official website to validate the situation and next steps", he added. Norton Labs researchers identified a punycode phishing campaign targeting bank customers with a near carbon copy of the real banking homepage to trick them into entering their credentials. Especially as the holidays near, consumers should be aware that gift cards are a prime target for attackers because they typically have lower security than credit cards and aren’t tied to a specific person’s name, the statement added. “Further, many gift cards are made by the same company with a 19-digit number and 4-digit PIN. Attackers use websites intended to check a gift card’s balance to uncover valid card number and pin combinations, giving them full access to the funds”, it was stated.