Social engineering biggest threat to online safety - Avast
Social engineering, the use of psychologically manipulating people into sharing personal information, is now the biggest threat to online safety, according to Avast, a digital security and privacy specialist.
The Avast Q2 Threat Report found that over 75% of all threat detections on desktops were attributed to scams, phishing, and malvertising. Data for the quarter, April through June 2023, also showed a significant increase in overall cyber risks, with an increase of 24% in unique attacks blocked over the previous period, the highest risk seen in three years.
Jakub Kroustek, Avast Malware Research Director, comments, "Our findings signify a marked shift in the cybersecurity landscape. Not only are the number of threats some of the highest on record, but malicious actors are also turning more to psychological manipulation more often than traditional techniques of malware attacks."
"This results in the need for our security to adapt but also the need for people to better understand scams and educate themselves as an additional layer of defense."
Scams account for 3/4 of all detections
Scams of all types continue to increase, now accounting for over three-quarters of all detections. From April through June alone, Avast researchers have uncovered a range of prolific scams ranging from dating hoaxes to fraudulent donation sites to deceptive advertising to thousands of new phishing emails.
The methods may vary, but the end goal remains the same: to deceive unsuspecting individuals into revealing sensitive information or parting with their hard-earned money.
Phishing, requests for information seemingly from a well-known and trusted entity such as a bank or a government agency, accounted for 25% of all threats in Q2. They prey on human instincts of trust and create a sense of urgency, compelling victims to divulge confidential information or engage in financial transactions under false pretenses.
Furthermore, the adoption of smishing, phishing through SMS, has capitalised on the high open rates and innate trust individuals place in text messages.
There are also indicators of future trends on mobile, such as cyber criminals using AI to craft nearly perfect imitations of legitimate communication, making it increasingly difficult for individuals to differentiate between what is real and what isn't.
Adware and coinminers change tactics
While adware showed a decline in prevalence in Q2 over the previous quarter, it continues to persist across desktop, mobile, and browser platforms. One notable example is the HiddenAds campaign, an adware threat attached to well-known gaming applications which garnered tens of millions of downloads during its app store reign.
In the ever-evolving landscape of cryptocurrency mining, coinminers have been facing a continuous decline in their activity, with a 4% decline in risk ratio over Q1 of 2023 supported by challenges for authors due to the shift from proof-of-work to proof-of-stake for numerous cryptocurrencies.
Avast novel research
Avast researchers continued to discover new remote access trojans such as HotRat, a .NET reimplementation of AsyncRat, featuring numerous new commands and features.
Another successful discovery was CVE-2023-29336, a local privilege escalation vulnerability in win32k on the Windows kernel. Prompt action led to a patch in the May security update, ensuring user safety via responsible disclosure.
Ransomware continues to taunt businesses
Ransomware remained an ongoing concern in Q2 of 2023. Despite a slight decline in prevalence, ransomware authors persist in targeting victims, relying increasingly on targeted attacks and exploits to penetrate company networks. Notably, successful attacks on widely used software, such as PaperCut, underscore the evolving tactics of ransomware operators, who more than ever experiment with encryption-less extortion techniques and doxing.
To support individuals and businesses impacted, Avast researchers developed a free decryption tool for Akira Ransomware. This tool has already assisted numerous ransomed victims in restoring their files and businesses, further reinforcing our commitment to providing solutions and assistance to those in need.