SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
Story image
Phishing preys on known brands such as Microsoft and Adobe - report
Fri, 5th May 2023

In the first quarter of 2023 there was a significant increase in cyber attacks exploiting trust in established tech brands Microsoft and Adobe, according to Avast.

The Avast Q1 2023 Threat Report also found a 40% rise in the share of phishing and smishing attacks over the previous year. Overall, two out of three threats people encounter online today use social engineering techniques, taking advantage of human weaknesses, the report finds.

Malware, scams, and phishing attacks attempt to steal consumers’ sensitive data, like passwords, driver’s license numbers, and other personal identifiable information. When this data gets into the wrong hands, cyber criminals have the arsenal to easily steal someone’s identity.

Identity theft can lead to a nightmare of events, from scammers ruining people’s credit score, to selling their information on the dark web, and even impersonating people to pass background checks.

Jakub Kroustek, Avast Malware Research Director, says, “If you think your data has no value then why would scammers spend so much time trying to steal your data if it’s worthless? The truth is that anyone can be affected and it is important to stay vigilant and use proper protection.

“Unfortunately, scammers have made it nearly impossible to take any message as face value - all communications, whether seemingly from a friend, boss, or household brand, have potential to be fraudulent.”

According to Avast, cyber criminals know they can lure victims by using the names and likeness of well-known brands that consumers already trust. The company has observed this trend among two popular applications commonly used for work: Microsoft OneNote and Adobe Acrobat Sign.

Scammers are sending out Microsoft OneNote files as email attachments to victims. When someone opens the attachment, it triggers the download of malware onto a device.

Avast has spotted malware such as Qbot and Raccoon using this distribution technique to steal information, and has also observed IcedID, a banking Trojan, using OneNote attachments to steal money. During Q1 of 2023, Avast protected more than 47,000 global customers from these types of attacks.

In some cases, Avast researchers also observed cybercriminals exploit Adobe Acrobat Sign by adding malicious links into documents that are sent from legitimate Adobe email addresses. These links prompt victims to download .ZIP files, which contain a variant of the Redline Trojan that can steal passwords, crypto wallets, and more.

Kroustek says, “My advice is to take extra caution with any email asking you to download files or click on a link, even those that appear to be from reputable brands. Cyber Safety software can act as a safety net for providing an extra layer of security to these types of savvy attacks that are increasingly targeting people.”

Avast finds that phishing continues to be another way scammers take advantage of trust, posing a significant and rising threat to consumers. The Avast team found that the share of global phishing attempts among all threats blocked in Q1 was up 40% compared to the same quarter in 2022.

One type of phishing scam on the rise is refund and invoice scams, which happen when fraudsters send false bills or invoices for goods or services that were never ordered or received. Scammers often use household names with recognisable branding and logos to make these scams appear legitimate. Invoice scams had a sharp uptick in Q1 2023, rising 19% in the U.S. compared to Q4 2022.

The pervasiveness of attacks via mobile text messages, called smishing attacks, has also contributed to the rising rate of phishing incidents. The issue has become so severe that in March of this year, the U.S. Federal Communications Commission (FCC) announced its first rules targeting smishing by requiring that mobile service providers block certain robotext messages that are likely to be illegal. Common smishing attack themes include financial alerts, package delivery notifications, tax alerts, charity scams and lottery scams.

Kroustek comments, “Scammers often play off victims’ emotions by creating a sense of urgency in their messages. If you receive an email or text out of the blue with an urgent request, or a message that seems too good to be true, take a few extra moments to verify it before acting.

“Always take a close look to confirm that an email or text is coming from a trusted sender, and if you have any doubt, go directly to the source, whether that be a person you know or a company’s help portal.”