A recent report by Avast has revealed a significant increase in cyberattacks during the first quarter of 2023. The attacks targeted popular technology brands like Microsoft and Adobe, taking advantage of the trust associated with these established names.
Avast’s report also highlights a 40% increase in the prevalence of phishing and smishing attacks from the previous year. Moreover, the report underscores that two-thirds of online threats today employ social engineering tactics that exploit human vulnerabilities.
The report further explains that various cyber threats, including malware, scams, and phishing attacks, aim to pilfer sensitive information such as passwords, Tax File Numbers, and other personally identifiable information.
According to Avast, cybercriminals are aware that they can entice victims by exploiting the established trust associated with well-known brands. The company has identified this trend in two widely used work applications, namely Microsoft OneNote and Adobe Acrobat Sign
It also noted “Identity theft can lead to a nightmare of events, from scammers ruining people’s credit score, to selling their information on the dark web, and even impersonating people to pass background checks,”
Jakub Kroustek, Avast Malware Research Director said “If you think your data has no value then why would scammers spend so much time trying to steal your data if it’s worthless? The truth is that anyone can be affected, and it is important to stay vigilant and use proper protection,”
“Unfortunately, scammers have made it nearly impossible to take any message at face value – all communications, whether seemingly from a friend, boss, or household brand, have potential to be fraudulent,” he said
Avast also cautioned that scammers are employing email attachments containing Microsoft OneNote files to target victims, which then triggers malware downloads onto their devices.
It observed that cybercriminals are using malware like Qbot and Raccoon to pilfer sensitive information through this distribution technique.
Additionally, the security company also detected the use of OneNote attachments by IcedID, a banking Trojan, to steal money.
Avast also revealed that its Web Shield technology, integrated into all Avast Antivirus versions, has the capability to scan and unpack OneNote files to detect malware. Additionally, Avast’s threat research team has developed specific heuristics and Yara rules to ensure people’s safety from these threats.
The peril of phishing continues to loom large over unsuspecting consumers after the team uncovered that the worldwide proportion of phishing attempts among all obstructed threats in Q1 surged by a staggering 40% compared to the same period in 2022.
The ominous rise in these attacks highlights the pressing need for constant vigilance and effective countermeasures to combat this nefarious cyber threat.
One form of phishing scam on the rise is refund and invoice scams. These scams occur when fraudsters send false bills or invoices for goods or services that were never ordered or received.
Scammers often use household names with recognisable branding and logos to make these scams appear genuine. There was a significant rise in invoice scams during Q1 of 2023,
The increasing number of phishing incidents is also being propelled by the widespread occurrence of smishing attacks through mobile text messages. These attacks typically use common themes such as financial alerts, package delivery notifications, tax alerts, charity scams, and lottery scams.
The sinister plague of smishing attacks has grown so pervasive that the Australian Federal Government has declared an all-out war against the perpetrators.
In a bold and decisive move, the government has committed a whopping $10 million allocation over four years from the upcoming budget to create a new SMS sender ID registry.
This formidable tool will act as an impregnable barrier, blocking scammers from impersonating trusted contacts and unleashing their malicious schemes on unsuspecting victims
During the first quarter of 2023, Avast protected more than 47,000 customers globally, including 940 in Australia from cyber attacks and other threats
