Gen's report reveals surge in cyber threats for Q4 2024

Gen has published its Q4 2024 Threat Report, highlighting a significant surge in cyber threats across various platforms, with 2.55 billion threats blocked between October and December.

The report identified that 321 threats were blocked every second during the last quarter of 2024. A risk ratio of 27.7% indicates the likelihood of encountering such threats, with 86% involving social engineering attacks. These attacks utilise advanced psychological techniques aiming to exploit human emotions and vulnerabilities.

Siggi Stefnisson, Cyber Safety Chief Technology Officer at Gen, commented on the evolving threat landscape: "We're continuing to see scam-related threats becoming far more dangerous as they hide, sometimes in plain sight, throughout every aspect of our digital life. This quarter we saw them prey on people's emotions, such as the need to shop on budget during the holidays, the desire to find love during the end of the year, the hope for change during government elections and more. And, unfortunately, this is resulting in people continuing to lose money and control over their personal information. In 2025 we only expect these risks to increase as the rise of AI-powered systems and devices will mark the next frontier for cybercrime."

The report highlights that social media remains a critical battlefield in cybercrime, with Facebook, YouTube, and WhatsApp identified as leading platforms for fraudulent activities. Facebook alone accounted for 56% of reported threats while Telegram, despite having fewer users than WhatsApp, experienced more threats due to its enhanced privacy features.

Major scams identified include deceptive online advertising, accounting for 27% of incidents, fake online stores (23%), and phishing schemes (18%). Such methods have been reported to leverage platform algorithms and AI technology to conduct their scams exceptionally effectively.

The last quarter of 2024 witnessed a notable spike in financial scams, with mobile phones used prominently as a tool by scammers. The CryptoCore group's deepfake crypto scam was particularly significant, exploiting the US Presidential Election to steal over USD $7 million. The group employed deepfake videos with well-known figures such as Elon Musk.

Additionally, mobile banking threats saw an upswing, with new applications aiming to extract sensitive banking information. DroidBot and ToxicPanda were cited as prominent threats, the latter posing as legitimate applications like Visa or web browsers while concealing malware.

A new spyware disguised as a Body Mass Index (BMI) calculator was found to be spreading through the Amazon Appstore. The spyware is capable of extensive surveillance, including recording screens and accessing SMS data.

The ongoing rise of ransomware was another critical finding, registering a 50% increase in Q4 2024, continuing a trend that has persisted for three consecutive quarters. This increase underlines an escalating threat facing both organisations and individual users globally.

The report detailed that personal data loss remains a significant issue, exacerbated by Scam-Yourself Attacks such as ClickFix, where psychological manipulation encourages users to execute malicious codes.

To counter these threats, Gen introduced a Clipboard Protection feature across its Norton, Avast, and AVG brands, designed to block clipboard-based threats before they execute.