Fake pharmacies, AI-driven scams surge in UK cyber landscape
Gen's latest Threat Report details a significant rise in fake pharmacies, the emergence of AI-powered ransomware, and wider increases in online scam and malvertising threats affecting users in the United Kingdom and worldwide.
The report identifies a global escalation in cyber threats, with a particular focus on PharmaFraud – a widespread network of fake online pharmacy websites. Gen's research found over 5,000 such sites operating internationally, often masquerading as legitimate pharmacies to lure individuals seeking high-demand medicines. The products on offer include fake Viagra and counterfeit Ozempic, as well as unregulated antibiotics, steroids, and fertility treatments. These sites are designed to harvest personal and financial data from unsuspecting users.
According to Gen, these fraudulent pharmacies employ various tactics including the injection of malicious code into medical websites, manipulation of search engine results, and the use of AI-generated health blogs and fake customer reviews. The sites often appear highly convincing, with professional layouts, fictitious customer service details, and comprehensive product information. However, warning signs include offers of prescription-only medications at suspiciously low prices, absence of contact information, requests for payments in cryptocurrency, unsecured checkout processes, and demands for sensitive data.
"Fake and illegal online pharmacies are a growing threat to patient safety. Medicines are not ordinary consumer products – they can cause real harm if taken inappropriately, and there are no guarantees about the safety, effectiveness or ingredients of medicines bought from unverified online sources. These medicines may be out of date, substandard or contain dangerous substances," said Laura Wilson, Director at Royal Pharmaceutical Society.
The report also notes Gen's detection and blocking of one million attacks from these fake pharmacy sites. Alongside this, Gen reported a 21% growth in data breaches, a 340% increase in global financial scams with the UK as a primary target, and a doubling in sextortion scam activity since the last quarter.
AI-powered threats
Gen highlighted a significant development in cybercrime with the identification and disruption of FunkSec, a ransomware strain built using generative AI. Although FunkSec was capable of encrypting files and demanding payments, Gen, working with law enforcement and cybersecurity researchers, uncovered a cryptographic vulnerability that allows users to recover their data without paying a ransom, using a free decryptor provided by Avast. Reports indicate that FunkSec is no longer actively operating.
"Cyber threats continue to be smarter, faster, and more personal. From AI-powered ransomware to fake online pharmacies, the risks are real – and increasingly difficult for people to spot. But with global cooperation, advanced detection, and a relentless commitment to developing products that stop the latest threats, we can stay one step ahead. While threats continue to evolve, so does our ability to fight them," said Siggi Stefnisson, Cyber Safety CTO at Gen.
UK sees marked increase in scams and malvertising
Within the UK, there has been a sharp increase in threats connected to online scams and malvertising. Malvertising delivered via push notifications rose 343%, often disguised as video players or system warnings. Sextortion scams climbed by 78%, and tech support scams by 72%, frequently propagated through fake browser popups and fraudulent helplines. Scammers often used social engineering tactics to convince victims to disclose sensitive information or make payments.
The report identifies Facebook as a notable platform for cybercriminals, with many scams originating from deceptive advertisements and fake pages. Deepfake videos and chatbot forms have been employed to gather personal and financial information, often under the guise of legitimate investment or legal support offers. Of all Facebook threats blocked by Gen, 14% were associated with technical support scams, driven by fake Messenger-style pages that encouraged users to call counterfeit helplines.
Wider cyber threat landscape
Additional findings in the report include a 21% rise in data breach incidents, with almost 16% more breached email accounts. There was also a 317% spike in malicious push notification campaigns, and a 62% rise in remote access attacks, primarily attributed to malware such as Wincir RAT and the exploitation of cloud services such as OneDrive. Meanwhile, traditional adware such as DealPly has resurfaced in various global markets, including the US, Brazil, France, and India.
Small businesses continue to be targeted by infostealer malware, exploit attacks, and remote access tools, with online scams representing the most prevalent threat for these organisations. Despite ongoing efforts, information and identity theft remain substantial risks for consumers and businesses alike.