The Avast Q1 2023 Threat Report: A Rise in Phishing Attempts and New Malware Distribution Tactics Exploiting Trust in Established Brands
The Avast Q1 2023 Threat Report has highlighted a concerning trend in cyberattacks targeting trust in well-known tech brands such as Microsoft and Adobe. The report reveals a significant increase in phishing attempts, with a 40% rise in the share of phishing and smishing attacks compared to the previous year. These attacks leverage social engineering techniques to exploit human vulnerabilities and trick individuals into divulging sensitive information.
According to Jakub Kroustek, Avast Malware Research Director, scammers are relentless in their efforts to steal valuable data, emphasizing the importance of staying vigilant and using robust protection measures. He warns that scammers have become adept at impersonating trusted sources, making it increasingly challenging to discern genuine communications from fraudulent ones.
One of the key findings of the report is the exploitation of trust in established brands such as Microsoft and Adobe. Scammers have been using tactics that target users’ familiarity with popular applications like Microsoft OneNote and Adobe Acrobat Sign. For example, malicious actors have been circulating email attachments disguised as Microsoft OneNote files, which, when opened, trigger malware downloads. Avast has identified malware like Qbot and Raccoon using this method to steal sensitive information, while the banking Trojan IcedID has been observed using OneNote attachments to carry out financial fraud. In the first quarter of 2023, Avast safeguarded over 47,000 global customers and more than 18,000 U.S. customers from these attacks.
Similarly, cybercriminals have been exploiting Adobe Acrobat Sign by inserting malicious links into documents sent from legitimate Adobe email addresses. These links prompt victims to download .ZIP files containing variants of the Redline Trojan, capable of stealing passwords, cryptocurrency wallets, and other valuable data. Kroustek advises users to exercise caution when downloading files or clicking on links, even if they appear to be from reputable brands, and recommends the use of cyber safety software for added protection against sophisticated attacks.
The report also highlights the escalation of phishing attacks, with a 40% increase in global phishing attempts compared to the same period last year. Refund and invoice scams have been particularly prevalent, where scammers send fake bills or invoices to unsuspecting victims, leveraging well-known brands to lend legitimacy to their fraudulent schemes. In the U.S., invoice scams rose by 19% in the first quarter of 2023 compared to the previous quarter.
Another concerning trend is the rise of smishing attacks, where fraudsters exploit mobile text messages to deceive individuals. The Federal Communications Commission (FCC) in the U.S. recently announced rules targeting smishing, underscoring the severity of the issue. Kroustek advises users to be wary of unsolicited messages that create a sense of urgency or offer unrealistic rewards, urging them to verify the sender’s authenticity before taking any action.
The Avast Q1 2023 Threat Report serves as a stark reminder of the evolving tactics used by scammers to deceive individuals and steal valuable data. It underscores the importance of maintaining a high level of vigilance and adopting robust cybersecurity measures to safeguard against these threats. By taking precautions when interacting with emails, texts, and attachments, users can protect themselves from falling victim to sophisticated cyber scams.
In conclusion, the report emphasizes the role of cyber safety software, such as Avast’s Web Shield technology, in providing an additional layer of security against phishing attacks and other forms of cyber threats. By staying informed and taking proactive steps to secure their digital presence, individuals can mitigate the risk of falling prey to malicious actors seeking to exploit trust in established brands. For more detailed insights from the Avast Q1 2023 Threat Report, readers can access the full report through the provided link.
Leave a Reply