Gen blocks 1 million fake pharmacy attacks, releases free ransomware decryptor, and tracks increasing data breaches, financial scams, sextortion and tech support scams

TEMPE, Ariz. and PRAGUE, July 30, 2025 /PRNewswire/ -- Gen (NASDAQ: GEN), a global leader powering Digital Freedom with a family of trusted brands including Norton, Avast, LifeLock, MoneyLion and more, today released its Q2/2025 Gen Threat Report. Gen researchers explore how AI is changing the game for cybercriminals, notably uncovering over 5,000 highly convincing fake pharmacy websites scamming people seeking high-demand prescriptions and helping take down the first known ransomware developed using AI. The team of Gen researchers also report a 21% growth in data breaches, a 340% increase in financial scams, a 100% increase in sextortion scams, and a surge in Tech Support Scams running rampant on Facebook.

"Cyber threats continue to be smarter, faster, and more personal," said Siggi Stefnisson, Cyber Safety CTO at Gen. "From AI-powered ransomware to fake online pharmacies, the risks are real – and increasingly difficult for people to spot. But with global cooperation, advanced detection, and a relentless commitment to developing products that stop the latest threats, we can stay one step ahead. While threats continue to evolve, so does our ability to fight them."

PharmaFraud: Sophisticated Scams Masquerading as Medicine

When you need medication – whether it's a routine antibiotic, a high-demand weight loss treatment, or something more private – the internet can seem like the quickest, most discreet option. Cybercriminals now know it. Gen researchers dubbed the growing threat of fraudulent online pharmacies "PharmaFraud," and exposed a vast network of more than 5,000 web domains selling in-demand drugs such as erectile dysfunction treatments, weight-loss medications, and antibiotics—products often sought quickly, privately, or at lower cost. In 2025, Gen has blocked 1 million attacks coming from these sites against unsuspecting online shoppers.

These PharmaFraud operations use a range of tactics: injecting malicious code into medical websites, manipulating search results, deploying AI-generated health blogs and fake reviews. The sites are convincing imitations with polished layouts, bogus customer service information, and detailed product pages. But buyers beware – what may appear legitimate is often a scam, resulting in financial fraud and identity theft. Behind the scenes are red flags, such as low-cost offers for prescription-only drugs, missing contact information, requests for cryptocurrency payments, unsecured checkout processes, and prompts for sensitive personal, medical, or financial data.

Beating the Bots: Gen Cracks AI-Powered Ransomware

Gen continues to uphold its commitment to help victims of ransomware, uncovering a critical cryptographic flaw in FunkSec. This was the first known ransomware strain partially built using AI. While the malware successfully encrypted data and demanded payment, the Gen research team worked with law enforcement to help victims recover their files without paying via a free decryptor released by Avast. FunkSec has since gone quiet.

Financial and Tech Support Scams Flourishing on Facebook

The risk of being targeted by a financial scam increased 3-fold (340%) from April to June 2025, with many traced back to deceptive ads and fake pages on Facebook. Scammers used everything from deepfake videos to chatbot forms to collect personal and financial data—often under the guise of legal help or investment offers.

At the same time, 14% of all blocked Facebook threats were linked to Technical Support Scams, a sharp rise driven by phony Messenger-style pages that locked browsers and pushed users to call fake help lines. Facebook's reach and ad infrastructure continue to make it a powerful tool for fraud at scale.

Other key highlights from the report include:

• +21% increase in data breach events, with breached emails increasing by nearly 16%.
• Lumma Stealer remained active post-takedown, using a fresh infrastructure to continue transferring stolen data.
• +317% spike in malicious push notifications, often disguised as video players or system alerts.
• +62% rise in remote access attacks, led by the return of Wincir RAT and abuse of cloud services like OneDrive.
• DealPly adware, a threat that has been steadily declining, made a comeback particularly in the US, Brazil, France and India.
• A target on small businesses with infostealers, exploits, and remote access tools. Scams remained the top threat to small businesses.

The Gen family of trusted brands helps protect people from falling victim to the scams highlighted in this report through solutions like Norton Genie scam protection, available as a standalone app and included as part of the Norton 360 lineup, and Scam Guardian, newly added scam protection included with Avast Free Antivirus and Avast Premium Security. For Identity Theft, LifeLock helps keep people covered in the event of a breach or data exposure.

To read the full Q2/2025 Gen Threat Report, visit https://www.gendigital.com/blog/insights/reports/threat-report-q2-2025. 

About Gen

Gen (NASDAQ: GEN) is a global company dedicated to powering Digital Freedom through its trusted consumer brands including Norton, Avast, LifeLock, MoneyLion and more. The Gen family of consumer brands is rooted in providing financial empowerment and cyber safety for the first digital generations. Today, Gen empowers people to live their digital lives safely, privately and confidently for generations to come. Gen brings award-winning products and services in cybersecurity, online privacy, identity protection and financial wellness to nearly 500 million users in more than 150 countries. Learn more at GenDigital.com.

Media Contacts:

Brittany Posey-Thomas
Gen
Press@GenDigital.com

Courtney Rowles
Edelman for Gen
Courtney.Rowles@edelman.com

 

View original content to download multimedia:https://www.prnewswire.com/news-releases/gen-threat-report-unmasks-surge-in-pharmafraud-scams-and-the-evolving-face-of-cybercrime-in-an-ai-powered-world-302517293.html

SOURCE Gen Digital Inc.