Social engineering, the use of psychologically manipulating people into sharing personal information, is now the biggest threat to online safety, according to Avast, a leader in digital security and privacy and brand of Gen.
The Avast Q2 Threat Report, released today, found that over 75% of all threat detections on desktops were attributed to scams, phishing, and malvertising. Data for the quarter, April through June 2023, also showed a significant increase in overall cyber risks, with an increase of 24% in unique attacks blocked over the previous period, the highest risk seen in three years.
“Our findings signify a marked shift in the cybersecurity landscape,” says Jakub Kroustek, Avast Malware Research Director.
“Not only are the number of threats some of the highest on record, but malicious actors are also turning more to psychological manipulation more often than traditional techniques of malware attacks. This results in the need for our security to adapt but also the need for people to better understand scams and educate themselves as an additional layer of defense.”
The Rise of Scams
Scams of all types continue to increase, now accounting for over three-quarters of all detections. From April-June alone, Avast researchers have uncovered a range of prolific scams ranging from dating hoaxes to fraudulent donation sites to deceptive advertising to thousands of new phishing emails. The methods may vary, but the end goal remains the same: to deceive unsuspecting individuals into revealing sensitive information or parting with their hard-earned money.
Phishing – requests for information seemingly from a well-known and trusted entity such as a bank or a government agency – accounted for 25% of all threats in Q2. They prey on human instincts of trust and create a sense of urgency, compelling victims to divulge confidential information or engage in financial transactions under false pretenses. Furthermore, the adoption of smishing – phishing through SMS – has capitalised on the high open rates and innate trust individuals place in text messages.
There are also indicators of future trends on mobile, such as cybercriminals using AI to craft nearly perfect imitations of legitimate communication, making it increasingly difficult for individuals to differentiate between what is real and what isn't.
Australia saw a massive surge (89%) in scam attacks which began in April and lasted the duration of the quarter. Attackers have focused mostly on malvertising and malicious browser push notifications as a delivery mechanism for these scams. As a result – scam attacks now form more than a half of all the blocked attacks in the Avast userbase.
Adware and Coinminers Decrease Slightly, Changing Approach
While adware showed a decline in prevalence in Q2 over the previous quarter, it continues to persist across desktop, mobile, and browser platforms. One notable example is the HiddenAds campaign, an adware threat attached to well-known gaming applications which garnered tens of millions of downloads during its app store reign.
In the ever-evolving landscape of cryptocurrency mining, coinminers have been facing a continuous decline in their activity, with a 4% decline in risk ratio over Q1 of 2023 supported by challenges for authors due to the shift form proof-of-work to proof-of-stake for numerous cryptocurrencies.
Avast Novel Research
Avast researchers continued to discover new remote access trojans such as HotRat, a .NET reimplementation of AsyncRat, featuring numerous new commands and features.
Another successful discovery was CVE-2023-29336, a local privilege escalation vulnerability in win32k on the Windows kernel. Prompt action led to a patch in the May security update, ensuring user safety via responsible disclosure.
Ransomware Continues to Taunt Businesses, Avast Releases Decryption Tools
Ransomware remained an ongoing concern in Q2 of 2023. Despite a slight decline in prevalence, ransomware authors persist in targeting victims, relying increasingly on targeted attacks and exploits to penetrate company networks. Notably, successful attacks on widely used software, such as PaperCut, underscore the evolving tactics of ransomware operators, who more than ever experiment with encryption-less extortion techniques and doxing.
To support individuals and businesses impacted, Avast researchers developed a free decryption tool for Akira Ransomware. This tool has already assisted numerous ransomed victims in restoring their files and businesses, further reinforcing our commitment to providing solutions and assistance to those in need.
Avast Free Antivirus, all Avast’s premium versions, and Avast Secure Browser provide top protection against phishing attacks, which is verified in quarterly tests by independent testing organisation AV-Comparatives.