Latest news with #SiggiStefnisson
Scottish Sun
a day ago
- Health
- Scottish Sun
Thousands of UK pharmacies are FAKE and selling mislabelled toxic substances – from pesticides to animal tranquillisers
Plus, how to spot counterfeit medication DRUG DANGER Thousands of UK pharmacies are FAKE and selling mislabelled toxic substances – from pesticides to animal tranquillisers Click to share on X/Twitter (Opens in new window) Click to share on Facebook (Opens in new window) MORE than 5,000 fake pharmacy websites are operating in the UK selling medicines containing potentially deadly substances, a report has revealed. Customers buying products to do with sexual health, hormone therapy, erectile dsyfunction and weight loss have been their target. Sign up for Scottish Sun newsletter Sign up 1 Many people looking for medications online are falling for PharmaFraud, according to a new report Credit: Getty The new report found many are at risk of losing their money, personal data or worse by using these sites, that are being generated by a gang of cybercriminals using AI. Dubbed 'PharmaFraud', the operations use a range of tactics like injecting malicious code into medical websites, manipulating search results, deploying AI-generated health blogs and fake reviews. Fake sites were found to deliver convincing looking items with forged labels and fake expiration dates for products like Ozempic or Viagra. And URLs such as and 77pharmacy were outed as fraudulent, with the sites posing as convincing imitations with polished layouts, bogus customer service information, and detailed product pages. Avast, a cyber safety brand of Gen, said in 2025 so far, it has blocked more than a million attacks from these sites against its customers. Siggi Stefnisson, cyber safety chief technology officer for Avast, said: "Cyber threats are now smarter, faster, and more personal. "PharmaFraud is a perfect example of how cybercriminals think - they want to prey on people who are vulnerable, feeling desperate, or generally in need. In many cases, people looking for medications online can fall into that bracket. "That's why awareness and vigilance are critical." According to the report, these fake pharmacies primarily target people looking to protect their privacy when buying certain products, such as those related to sexual health and hormone therapy. People looking for fast results through weight loss medication - or those simply looking to try out more affordable products - are also targeted. How to save money when buying medicine At best, buyers would receive counterfeit drugs that contain no active ingredients, but at worst, could include heavy metals, animal tranquillisers or contaminated stock. The report also revealed tricks regularly relied upon by scammers such as hijacking legitimate sites, manipulating search engines to push their sites to the top and using AI to generate 'health blogs', five-star reviews and even provide customer support. Taking payments via crypto and unsecured checkout forms were other methods used. Recommended precautions to avoid being a victim included only using UK registered pharmacies, looking for the official pharmacy logo on the website and looking for real customer service information. And any legitimate site will require you to have a prescription. Laura Wilson, director at the Royal Pharmaceutical Society, said: "These medicines may be out of date, substandard or contain dangerous substances. "Websites that offer prescription only medicines without a prescription are acting illegally. "Only use online pharmacies that are registered with the pharmacy regulator, The General Pharmaceutical Council. "Always check an online pharmacy has a verified UK address, contact number and the official registered pharmacy logo which links to the regulator's website."
Daily Mirror
a day ago
- Health
- Daily Mirror
Millions fall foul of scam websites selling mislabelled toxic substances
Gen's cyber safety brand Avast has warned of more than 5,000 fake pharmacy websites operating in the UK, selling counterfeit drugs More than 5,000 bogus pharmacy websites are currently operating across the UK - flogging mislabelled toxic substances ranging from pesticides to animal tranquillisers. Avast, a cyber safety brand of Gen, revealed that in 2025 so far, it has thwarted more than a million attacks from these sites targeting its customers. Web addresses including and 77pharmacy have been exposed as fraudulent, with the sites masquerading as legitimate operations complete with professional layouts, fabricated customer service details, and comprehensive product listings. It comes after UK households issued warning if they have Nescafé coffee in kitchen. . The investigation discovered many Britons are at risk of losing their cash, personal information or worse, exposing a network of cybercriminals utilising AI to create fake websites. These dodgy sites can dispatch authentic-looking items bearing counterfeit labels and false expiry dates for medications like Ozempic or Viagra, with the actual contents being potentially lethal. Branded 'PharmaFraud', the criminal enterprises employ various methods including embedding malicious software into medical websites, manipulating search engine results, creating AI-generated health blogs and fabricating customer reviews. Siggi Stefnisson, cyber safety chief technology officer for Avast, said: "Cyber threats are now smarter, faster, and more personal. PharmaFraud is a perfect example of how cybercriminals think – they want to prey on people who are vulnerable, feeling desperate, or generally in need. In many cases, people looking for medications online can fall into that bracket. That's why awareness and vigilance are critical." According to a recent report, these bogus pharmacies primarily prey on individuals seeking to maintain their privacy when purchasing products related to sexual health, hormone therapy or erectile dysfunction. They also target those in search of quick results through weight loss medication, or simply those looking for more affordable alternatives. At best, customers may receive counterfeit drugs that contain no active ingredients, but at worst, they could contain heavy metals, animal tranquilisers or contaminated stock. Laura Wilson, director at the Royal Pharmaceutical Society, warned: "These medicines may be out of date, substandard or contain dangerous substances." She added: "Websites that offer prescription only medicines without a prescription are acting illegally." She advised: "Only use online pharmacies that are registered with the pharmacy regulator, The General Pharmaceutical Council." She further cautioned: "Always check an online pharmacy has a verified UK address, contact number and the official registered pharmacy logo which links to the regulator's website." The report also exposed tactics frequently used by fraudsters such as hijacking legitimate sites, manipulating search engines to push their sites to the top and using AI to generate 'health blogs', five-star reviews and even provide customer support. Accepting payments via cryptocurrency and unsecured checkout forms were other methods employed. To avoid falling victim, it's recommended to only use UK registered pharmacies, look for the official pharmacy logo on the website and seek out genuine customer service information. Furthermore, any legitimate site will require you to have a prescription.
Scoop
29-05-2025
- Business
- Scoop
Q1/2025 Gen Threat Report Reveals AI-Driven Scams Redefining Cybercrime
Press Release – Gen Auckland, 29 May, 2025 — Gen (NASDAQ: GEN), a global leader powering Digital Freedom with a family of trusted brands including Norton, Avast, LifeLock, MoneyLion and more, today released its Q1/2025 Gen Threat Report, highlighting the most significant shifts shaping the global Cyber Safety landscape observed between January and March 2025. Key report findings include a 186% surge in breached personal information, a 466% increase in phishing reports, growth in fake browser update scams by 17 times the previous quarter's levels, and more than 4 million people protected from Scam-Yourself Attacks, alongside the rise of mobile financial fraud and crypto-related US presidential inauguration scams. 'Online threats are evolving at a startling pace,' said Siggi Stefnisson, Cyber Safety CTO at Gen. 'Attackers are moving away from broad, indiscriminate campaigns to highly personalised, AI-enhanced deception. Breached data and AI tools are giving cybercriminals just enough personal information and design sophistication to more easily manipulate people. That's why we constantly evolve our cybersecurity solutions to be an interactive partner in fighting scams and to be one step ahead of cybercriminals.' Notable Trends from the Q1/2025 Gen Threat Report: Data Breaches Escalate Data breaches are on the rise, with a 36% increase in the number of breaches faced by companies compared to last quarter. Individual breached records surged by more than 186%, revealing sensitive information such as passwords, emails, and credit card details. Attackers employed more advanced infostealers like Lumma Stealer, making data compromise faster and harder to detect. Phishing Scams Designed to Bypass Security Filters Reports of phishing scams rose by a staggering 466% compared to the previous quarter, now making up nearly 32% of all scam submissions to the Norton Genie scam detector. According to the Norton Genie scam detector platform, phishing is the fastest-growing threat, second only to generic scams, which accounted for 51% of reports. The good news is that people are becoming more wary of potential phishing scams and reporting these messages. Telemetry data reveals a growing number of phishing campaigns that abuse dynamic DNS services and subdomain providers, as well as free website builders to create deceptive login pages. This means, that by mimicking legitimate login portals and leveraging trusted domains—like recent scams targeting AT&T, Telstra and Xfinity customers—attackers make phishing attempts harder to detect and more likely to succeed. Many of these campaigns create a sense of urgency for potential victims through emails claiming account issues or prompting people to review sensitive documents. Despite sometimes being poorly written, the use of familiar platforms and subdomain tricks allows these scams to bypass security filters and remain highly effective. Scam-Yourself Attacks and Fake Browser Updates on the Rise Example of a Fake Update popup in Firefox. The fake update mimics the branding, language, and layout of legitimate software. It often uses urgent language like: 'Your version is out of date, click to update now!' Gen helped protect over 4 million users from Scam-Yourself Attacks in which individuals, through sophisticated deception, are manipulated into infecting their own devices. In one of the most striking evolutions of this type of scam that we observed this quarter, attackers are using AI-generated personas, deepfake influencers and hired actors. They use these personas to deliver their malicious campaigns. This is primarily done through compromised YouTube accounts, leveraging interactive FakeCAPTCHAs and asking people to verify they are human but instead guiding them to give device permissions or download malware. Fake Update Scams grew to over 17 times last quarter's level. This type of Scam-Yourself Attack tricks people into installing malware under the guise of browser updates. Financial Threats Thrive on Mobile and Crypto Mobile financial threats continued to rise, fuelled by increasingly sophisticated tactics that target people directly through their smartphones. Malware, like banking trojans, now exploit accessibility features to overlay fake login pages, stealing sensitive data such as crypto wallet credentials. Combined with an uptick in credit and transaction fraud alerts, there's a growing trend of attackers focusing on mobile devices as gateways to people's financial lives. Digital currencies continue to be a target for financial threats. CryptoCore executed one of its most successful campaigns in early 2025, hinging on the US presidential inauguration. Attackers leveraged deepfake videos of public figures spread through compromised YouTube accounts to steal close to $4 million spread through more than 2,000 transactions. Gen is always innovating to stay one step ahead of today's evolving cyberthreats. Our trusted family of brands offers powerful solutions to help keep you safe—LifeLock helps people protect their identity, the Norton Cyber Safety lineup comes equipped with Norton Genie scam protection, and products like Avast Mobile Security offer protection for mobile devices, just to name a few. To learn more about the latest Cyber Safety tips and solutions, visit our blog at About Gen Gen (NASDAQ: GEN) is a global company dedicated to powering Digital Freedom through its trusted consumer brands including Norton, Avast, LifeLock, MoneyLion and more. The Gen family of consumer brands is rooted in providing financial empowerment and cyber safety for the first digital generations. Today, Gen empowers people to live their digital lives safely, privately and confidently for generations to come. Gen brings award-winning products and services in cybersecurity, online privacy, identity protection and financial wellness to nearly 500 million users in more than 150 countries. Learn more at
Scoop
28-05-2025
- Business
- Scoop
Q1/2025 Gen Threat Report Reveals AI-Driven Scams Redefining Cybercrime
Press Release – Gen Example of a Fake Update popup in Firefox. The fake update mimics the branding, language, and layout of legitimate software. It often uses urgent language like: Your version is out of date, click to update now! Auckland, 29 May, 2025 — Gen (NASDAQ: GEN), a global leader powering Digital Freedom with a family of trusted brands including Norton, Avast, LifeLock, MoneyLion and more, today released its Q1/2025 Gen Threat Report, highlighting the most significant shifts shaping the global Cyber Safety landscape observed between January and March 2025. Key report findings include a 186% surge in breached personal information, a 466% increase in phishing reports, growth in fake browser update scams by 17 times the previous quarter's levels, and more than 4 million people protected from Scam-Yourself Attacks, alongside the rise of mobile financial fraud and crypto-related US presidential inauguration scams. 'Online threats are evolving at a startling pace,' said Siggi Stefnisson, Cyber Safety CTO at Gen. 'Attackers are moving away from broad, indiscriminate campaigns to highly personalised, AI-enhanced deception. Breached data and AI tools are giving cybercriminals just enough personal information and design sophistication to more easily manipulate people. That's why we constantly evolve our cybersecurity solutions to be an interactive partner in fighting scams and to be one step ahead of cybercriminals.' Notable Trends from the Q1/2025 Gen Threat Report: Data Breaches Escalate Data breaches are on the rise, with a 36% increase in the number of breaches faced by companies compared to last quarter. Individual breached records surged by more than 186%, revealing sensitive information such as passwords, emails, and credit card details. Attackers employed more advanced infostealers like Lumma Stealer, making data compromise faster and harder to detect. Phishing Scams Designed to Bypass Security Filters Reports of phishing scams rose by a staggering 466% compared to the previous quarter, now making up nearly 32% of all scam submissions to the Norton Genie scam detector. According to the Norton Genie scam detector platform, phishing is the fastest-growing threat, second only to generic scams, which accounted for 51% of reports. The good news is that people are becoming more wary of potential phishing scams and reporting these messages. Telemetry data reveals a growing number of phishing campaigns that abuse dynamic DNS services and subdomain providers, as well as free website builders to create deceptive login pages. This means, that by mimicking legitimate login portals and leveraging trusted domains—like recent scams targeting AT&T, Telstra and Xfinity customers—attackers make phishing attempts harder to detect and more likely to succeed. Many of these campaigns create a sense of urgency for potential victims through emails claiming account issues or prompting people to review sensitive documents. Despite sometimes being poorly written, the use of familiar platforms and subdomain tricks allows these scams to bypass security filters and remain highly effective. Scam-Yourself Attacks and Fake Browser Updates on the Rise Example of a Fake Update popup in Firefox. The fake update mimics the branding, language, and layout of legitimate software. It often uses urgent language like: 'Your version is out of date, click to update now!' Gen helped protect over 4 million users from Scam-Yourself Attacks in which individuals, through sophisticated deception, are manipulated into infecting their own devices. In one of the most striking evolutions of this type of scam that we observed this quarter, attackers are using AI-generated personas, deepfake influencers and hired actors. They use these personas to deliver their malicious campaigns. This is primarily done through compromised YouTube accounts, leveraging interactive FakeCAPTCHAs and asking people to verify they are human but instead guiding them to give device permissions or download malware. Fake Update Scams grew to over 17 times last quarter's level. This type of Scam-Yourself Attack tricks people into installing malware under the guise of browser updates. Financial Threats Thrive on Mobile and Crypto Mobile financial threats continued to rise, fuelled by increasingly sophisticated tactics that target people directly through their smartphones. Malware, like banking trojans, now exploit accessibility features to overlay fake login pages, stealing sensitive data such as crypto wallet credentials. Combined with an uptick in credit and transaction fraud alerts, there's a growing trend of attackers focusing on mobile devices as gateways to people's financial lives. Digital currencies continue to be a target for financial threats. CryptoCore executed one of its most successful campaigns in early 2025, hinging on the US presidential inauguration. Attackers leveraged deepfake videos of public figures spread through compromised YouTube accounts to steal close to $4 million spread through more than 2,000 transactions. Gen is always innovating to stay one step ahead of today's evolving cyberthreats. Our trusted family of brands offers powerful solutions to help keep you safe—LifeLock helps people protect their identity, the Norton Cyber Safety lineup comes equipped with Norton Genie scam protection, and products like Avast Mobile Security offer protection for mobile devices, just to name a few. To learn more about the latest Cyber Safety tips and solutions, visit our blog at About Gen Gen (NASDAQ: GEN) is a global company dedicated to powering Digital Freedom through its trusted consumer brands including Norton, Avast, LifeLock, MoneyLion and more. The Gen family of consumer brands is rooted in providing financial empowerment and cyber safety for the first digital generations. Today, Gen empowers people to live their digital lives safely, privately and confidently for generations to come. Gen brings award-winning products and services in cybersecurity, online privacy, identity protection and financial wellness to nearly 500 million users in more than 150 countries. Learn more at
Techday NZ
28-05-2025
- Techday NZ
AI-fuelled scams & phishing soar in New Zealand, says Gen
Gen has released its Q1/2025 Threat Report, highlighting a substantial increase in AI-driven, highly personalised cyber threats impacting New Zealand and global internet users. According to the report, breached data sets and the growing availability of AI tools are enabling cybercriminals to craft more sophisticated and convincing attacks, with New Zealand identified as one of the nations most affected by these developments. Fake update scams, where fraudulent browser update notifications are used to trick individuals into installing malware, have surged dramatically. In New Zealand, such scams increased by over 11,000% in terms of blocked attacks. Globally, there was a 1,711% increase in risk associated with these fake update scams compared to the previous quarter. Alongside scams involving fraudulent browser updates, other prevalent threats in New Zealand during the first quarter of 2025 included malvertising, phishing, romance and e-commerce scams, adware, and what Gen refers to as "Scam-Yourself Attacks." These attacks often use social engineering to manipulate individuals into infecting their own devices. The report also recorded a significant global rise in breached personal information, with a 186% increase in exposed data such as passwords, emails, and credit card numbers. In New Zealand, incidents involving infostealers—a type of malware that targets personal and financial information—rose by 137% in the quarter. These include advanced threats like password stealers and banking trojans targeting credentials, cryptocurrency wallets, and instant payment systems. Gen stated it helped protect over 4 million people worldwide from Scam-Yourself Attacks in the quarter. This attack vector is increasingly being powered by AI-generated personas, deepfake influencers, and even hired actors, who are used to convince users—sometimes via compromised YouTube accounts—to install malware, engage with fake CAPTCHAs, or grant unnecessary device permissions. "Online threats are evolving at a startling pace," said Siggi Stefnisson, Cyber Safety CTO at Gen. "Attackers are moving away from broad, indiscriminate campaigns to highly personalised, AI-enhanced deception. Breached data and AI tools are giving cybercriminals just enough personal information and design sophistication to more easily manipulate people. That's why we constantly evolve our cybersecurity solutions to be an interactive partner in fighting scams and to be one step ahead of cybercriminals." The Gen report notes a 36% increase in the number of company data breaches compared to the previous quarter, with attackers employing advanced infostealers such as Lumma Stealer. These tools make data compromise faster and harder to detect for individuals and organisations alike. Phishing remains a significant concern with reports to the Norton Genie scam detector platform rising by 466% compared to the previous quarter. Nearly 32% of all scam submissions were related to phishing, making it the fastest-growing threat after generic scams. "Phishing is the fastest-growing threat, second only to generic scams, which accounted for 51% of reports. The good news is that people are becoming more wary of potential phishing scams and reporting these messages," the report states. Phishing campaigns are increasingly using dynamic DNS services, subdomain providers, and free website builders to host deceptive login portals, mimicking trusted brands and creating a false sense of security. An observed trend is the use of urgent messages claiming account issues or prompting users to review sensitive documents, which increases the effectiveness of these scams even if the language is poorly written. Use of familiar domains allows these phishing attempts to bypass security filters more readily. Fake update scams have grown to over 17 times their frequency from the prior quarter. Gen describes how these attacks mimic the branding, language, and layout of genuine software updates, often displaying messages such as: "Your version is out of date, click to update now!" to increase the likelihood of user interaction. On the financial threat front, mobile financial crime, particularly on smartphones, continued to grow. Attackers use malware and banking trojans that exploit accessibility features to overlay counterfeit login pages, stealing sensitive information like cryptocurrency wallet credentials. The report underscores a rise in credit and transaction fraud alerts as attackers increasingly view mobile devices as entry points to financial data. Digital currencies also remain a prime target. In early 2025, the cybercrime group CryptoCore was able to steal close to USD $4 million through over 2,000 transactions by using deepfake videos of public figures on compromised YouTube accounts, timed around the US presidential inauguration. Gen has reiterated that it will continue to evolve its cybersecurity offerings to address the shifting threat landscape. Its range of solutions includes identity protection through LifeLock, scam detection via Norton Genie, and mobile device protection with Avast Mobile Security.
