Gen´s latest Threat Report highlights a significant escalation in fake online pharmacies, the proliferation of artificial intelligence-powered ransomware, and a broad surge in online scams and malvertising impacting users across the United Kingdom and globally. The report points to a dramatic growth in what it labels PharmaFraud—a network of more than 5,000 fraudulent online pharmacy websites operating internationally. These fake pharmacies masquerade as legitimate outlets, targeting individuals seeking popular medications such as counterfeit Viagra, fraudulent Ozempic, and unregulated antibiotics and steroids. The key objective is to harvest personal and financial data by deceiving users through sophisticated websites and aggressive online tactics.
The fraudulent pharmacy sites, according to Gen, utilize a variety of deceptive approaches including injecting malicious code into medical websites, manipulating search engine rankings, and leveraging artificial intelligence-generated health blogs and customer reviews to enhance credibility. Despite professional appearances, signs of fraud are evident in suspiciously low medication prices, missing contact details, required cryptocurrency payments, lack of secure checkout, and requests for sensitive information. Laura Wilson, director at the Royal Pharmaceutical Society, emphasized the unique risks posed by these operations—potentially dangerous or substandard medicines, with ramifications for patient safety and health outcomes.
Gen´s report documents the detection and blocking of one million attempted attacks from these fake pharmacy operations. The company also tracked a 21% rise in data breaches, a staggering 340% increase in global financial scams—particularly targeting the UK—and a doubling of sextortion scam activity within one quarter. In a major development, Gen observed the rise and subsequent neutralization of FunkSec, a ransomware operation developed using generative artificial intelligence. Collaboration with law enforcement and security researchers led to the discovery of cryptographic flaws in FunkSec, allowing the public to access a free decryptor through Avast. Reports confirm that FunkSec is no longer active.
Within the UK, threats linked to online scams and malvertising have intensified sharply. Malvertising delivered via push notifications surged 343%, often under the guise of video players or fake system alerts. Sextortion scams and tech support scams spiked by 78% and 72% respectively, typically facilitated by misleading popups and fraudulent helplines. Cybercriminals increasingly use social engineering to extract private information or illicit payments. Facebook is identified as a major platform for deceptive ads and deepfake-based scams, with technical support fraud frequently propagated through fake Messenger pages. Fourteen percent of all Facebook threats blocked by Gen were associated with these scams.
Additional findings include a 21% increase in data breaches, a 16% uptick in compromised email accounts, and a 317% jump in malicious push notification campaigns. There was also a 62% increase in remote access attacks tied to malware like Wincir RAT and the exploitation of cloud services. Meanwhile, legacy adware has resurfaced in international markets. Small businesses remain susceptible to malware, exploit attacks, and remote access threats, with fraudulent online scams being the most prevalent. Both consumers and enterprises continue to face substantial risks of information and identity theft despite ongoing defensive efforts.
