New Report Reveals the Top Scams Online in Q1 2018

Hackers favored using spoofed ads and generic phishing to steal user’s data.

dfndr lab recently released its Q1 2018 Cybersecurity Report analyzing cybercrime trends for the first three months of this year.  According to the report, fraudulent advertisements and generic phishing accounted for 69% of all cyber attacks in January, February, and March of 2018. While spoofed ads were up from the previous quarter, the second and third place categories saw a decline suggesting that hackers are putting more effort into impersonating well-known, reputable brands. There were more than 3M online scams were detected this past quarter.

Top Scam Categories

  1.    Fraudulent Advertisements – 50.1%
  2.    Generic Phishing Scams – 18.9%
  3.    Messenger Scams – 10.9%

Cybercriminals favored targeting users with false advertisements in Q1 2018 making up more than half of all online scams. Fraudulent ad detections totaled more than 1.5M, up over half a million from 971K detections in Q4 2017, a 54% increase.  

Generic phishing scams were the second most common type of cyber attack with 566K detections, although it saw a 16% decrease from the previous quarter. Phishing involves sending spoofed messages that appear to come from trusted companies in which the users likely already do business. These spoofed messages are often transmitted through SMS and emails to trick users into sharing sensitive personal data such as passwords, social security numbers or bank account information containing malware-infected links.

Scams using messenger apps such as WhatsApp and Facebook Messenger bumped fake promotions from the top scams of this quarter. Both of these categories saw reductions, however. The use of counterfeit promotions dropped substantially by 60% although scams sent through messaging apps were down only 32% from 475K detections in Q4 2017 to 326K detections in Q1 2018.

Top Scams Online

  1.    Fake Virus Alerts- 558K
  2.    Adult Dating Site- 175K
  3.    Fake Promotions- 108K

There were 558K fake virus alerts detected in Q1 2018. These types of spoofed warnings were the top threat in Q1 2018 and are an example of fraudulent advertisements. This type of scam leads the user to believe that their device has been infected with a virus and encourages them to click the ad to download bogus anti-virus software to correct the issue.

The second of the top scams for Q1 2018 involved an adult dating site with a total of 175K detections. This scam is an example of generic phishing and involves tricking the user into allowing the site access to send update notifications that installed malware. Additionally, it directed users to websites that paid the hackers commissions for click-through ad engagements.  

Fake promotions are similar to fraudulent advertisements and accounted for 108K detections in Q1 2017. These scams bait users into registering for chances to win valuable prizes by clicking on an infected link, subscribing to a paid SMS service or installing an app containing malware. While this type of activity was down substantially from Q4 2017 by 59%, it still rounded out the top three scams of the quarter.  

Staying Protected

The best method to protect yourself from becoming a victim of an online scam is to fact check information such as news, job opportunities, contests, and promotions before sharing it on social media. Remember, cybercriminals often create spoofed offers and websites from well known and trusted brands.

Always protect your mobile device with reputable security software. dfndr security provides features such as anti-phishing that alerts users to malicious links received through SMS, emails or messenger apps before you click them.

Finally, you can also use the dfndr lab page verification tool at to verify suspicious URLs.