Fraud threats – including ransomware, Internal Revenue Service and tech support fraud, and cybercriminals who continue to crack malware code – are everywhere these days, industry experts and government agencies warned.

The number of breaches captured in the San Diego-based Identity Theft Resource Center's 2016 report totaled 227 as of April 5, nearly 10% higher than last year's record pace for the same time period (207). The good news is that breaches targeting the banking/financial/credit category are down more than 70% compared to this time last year. Breaches targeting the government/military sector are down 20% from 2015's figures.

Meanwhile, the medical/healthcare field was up nearly 32%, and the education (15.8%) and business (14.3%) sectors showed year-over-year increases as well. Fraud in the five industry sectors broke down as follows: business, 45.8%; medical/healthcare, 38.3%; educational, 9.7%; government/military, 3.5%; and banking/credit/financial, 2.6%.

So what are the biggest threats today? There are many, but here are some of the hottest and most dangerous, according to industry experts and government agencies.

1. Unwanted Software

Unwanted software installed on tens of millions of computers in America is associated with billions of dollars in fraud every year, according to the National Consumers League, which operates Fraud.org.

"When you download free software, it might come with an unexpected addition: Hidden programs that can cause problems on your computer ranging from the merely annoying to truly dangerous," John Breyault, vice president of public policy, telecommunications and fraud at the NCL, said.

A May 2015 study by Google, the University of California, Berkeley and the University of California, Santa Barbara found tens of millions of visitors to Google's services had unwanted adware installed on their systems. Unwanted software was the source of nearly 20% of complaints from Chrome users alone in 2014.

A similar study by Israeli security company Namogoo found 15% to 30% of e-commerce website visitors were infected with malware, causing them to view injected ads, malicious links and fraudulent spyware on otherwise legitimate sites.

Unwanted software can slow computers to a crawl, prompt expensive computer support services to get the infections removed, and, perhaps worst of all, raise the risk of identity fraud.

"Some software will disable security protections and settings to take control of a consumer's computer, leaving that computer vulnerable to hackers and data thieves," Breyault said.

2. Tax Phishing Scams

A recent IRS press release addressed phone scams and email phishing schemes targeting taxpayers. Scammers have tried to trick victims into verifying the last four digits of their Social Security number by asking them to click on a provided link. Criminals specifically stated the request was for tax filers in Washington, D.C., Maryland and Virginia.

"As we approach the final days of this filing season, we continue to see these tax scams evolve," IRS Commissioner John Koskinen said. "We don't send emails like this, and there's no special effort underway for people in the District of Columbia, Virginia and Maryland."

The IRS generally does not initiate contact with taxpayers by email to request personal or financial information. This includes any type of electronic communication, such as text messages and social media channels.

In February, the IRS announced a 400% increase of reported scams compared to the same period in 2015.

3. Tech Support Scams

The Federal Trade Commission released an alert on tech support themed telephone scams in which fraudulent callers claiming to represent legitimate tech support organizations offered to fix nonexistent computer problems.

The calls come from someone claiming to represent the Global Privacy Enforcement Network, a real organization. In their scheme, they tell the victim that their hacked email account is sending fraudulent messages. They say they will have to take legal action against that person, unless they are allowed to fix the problem right away. If the individuals ask questions, the scammers turn up the pressure.

4. Ransomware

In a new blog post, the Clifton, N.J.-based cybersecurity firm Comodo cited antiquated security technology as one main reason for an increase in ransomware attacks, particularly in the medical field but also at financial institutions and government agencies.

According to Comodo, the traditional, signature-based detection and default-allow architecture, which many IT departments employ, are very ineffective in fighting emerging ransomware attacks.

"IT departments need to take some decisive steps before they too are victimized," Zach Forsyth, director of product strategy for Comodo, said.

The first step is to replace aging security solutions with a more modern, secure web gateway to effectively block malware and contain untrusted files in-flight, he said. Next, ensure that endpoint protection solutions go beyond simple, signature-based detection.

"If your anti-malware solution doesn't recognize a file, then it should be classed as untrusted and totally contained until it is deemed to be safe," Forsyth said.

With so many new malware strains and variants introduced every day, signature-based detection and default-allow are dead ends and a giant waste of money, Forsyth added.

"Buying into that architecture is futile against modern malware," he said.
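The difference between default-allow and the containment approach Forsyth describes, as an added Python example that is not from Comodo or the original article: a signature blocklist passes a new variant whose bytes (and therefore hash) differ from the known sample, while a default-deny policy contains it until it is vetted. The file contents, the `Policy` class and the `mark_safe` release step are constructed for illustration.

```python
import hashlib
from enum import Enum


class Verdict(Enum):
    ALLOW = "allow"      # runs with normal privileges
    BLOCK = "block"      # matched a known-bad signature
    CONTAIN = "contain"  # unknown: run isolated until vetted


def digest(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


# Constructed, harmless byte strings standing in for files (not real samples).
KNOWN_BAD = b"constructed sample: ransomware build A"
NEW_VARIANT = b"constructed sample: ransomware build B"  # same family, new bytes
TRUSTED_APP = b"constructed sample: vetted office installer"


class Policy:
    def __init__(self, signatures, trusted):
        self.signatures = set(signatures)  # hashes of known-bad files
        self.trusted = set(trusted)        # hashes of vetted files

    def default_allow(self, data: bytes) -> Verdict:
        # Signature-only: anything not on the blocklist runs.
        return Verdict.BLOCK if digest(data) in self.signatures else Verdict.ALLOW

    def default_deny(self, data: bytes) -> Verdict:
        # Known-bad is blocked, vetted is allowed, everything else is contained.
        h = digest(data)
        if h in self.signatures:
            return Verdict.BLOCK
        return Verdict.ALLOW if h in self.trusted else Verdict.CONTAIN

    def mark_safe(self, data: bytes) -> None:
        # Hypothetical release step once analysis deems a contained file safe.
        self.trusted.add(digest(data))


def demo():
    policy = Policy({digest(KNOWN_BAD)}, {digest(TRUSTED_APP)})
    files = [("known_bad", KNOWN_BAD), ("new_variant", NEW_VARIANT),
             ("trusted_app", TRUSTED_APP)]
    return {n: (policy.default_allow(f), policy.default_deny(f)) for n, f in files}


if __name__ == "__main__":
    for name, (allow_v, deny_v) in demo().items():
        print(f"{name:12} default-allow={allow_v.value:8} default-deny={deny_v.value}")
```
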

5. Dridex's Spreading of Locky

buguroo, a Deloitte Europe spinoff company composed of bug experts, found a rare vulnerability in Dridex code that could signal a change in the use of ultra-sophisticated malware. Analysis showed different cyberattacker groups, which are not necessarily the same ones that developed Dridex, changed the workflow to steal credit card and other financial information instead of hijacking accounts and transferring funds as usual.

Cybercriminals are using Dridex to propagate the dangerous Locky ransomware, which Forbes said claims approximately 90,000 systems per day (more than one per second) and typically asks users for 0.5-1 Bitcoin (or $420) to unlock their systems.

Other findings revealed the latest campaign used an automatic transfer system mechanism.

Dridex compromises victims' data in many ways. In just one subnet campaign, Dridex compromised data from more than 100 countries and credit card data belonging to more than 900 entities.


Roy Urrico

Roy W. Urrico specializes in articles about financial technology and services for Credit Union Times, as well as ghostwriting, copywriting, and case studies. Also: writer/editor of a semi-annual newsletter for the Association for Financial Technology since 1997 and history projects funded by the U.S. Interior Department, National Park Service and Warren County (N.Y.).