Cyber security is in an interesting spot at present. On one hand, we’ve never had so many cyber security tools available that can prevent attacks and alert areas of suspicion, especially with AI integration, says Jakub Kroustek, Director of Malware Research for Avast
Avast blocked a record-breaking 10 Billion Attacks in 2023, almost a 50% Increase from 2022’s numbers. And with this, we’ve seen greater diversity in the attacks targeting consumers and businesses alike. But why is the number of attacks increasing so sharply? And what tactics utilized by attackers do we need to watch out for carefully?
Cyber security is in an interesting spot at present. On the one hand, we’ve never had so many cyber security tools available to prevent attacks and alert areas of suspicion, especially with AI integration. On the other hand, we’re also seeing a rise in the number of cybercriminals using AI to their advantage, which means cyber threats aren’t as obvious as they were a couple of years ago.
The latest Avast Threat Report looked at the threat landscape from October to December 2023 and saw scams, phishing, and malvertising continue to account for more than 75% of all cyber threats. What’s really notable is how frequently attacks seek to leverage smart phones, with many of these threats leveraging malicious push notifications and new AI methods such as deepfakes to lure victims into sophisticated financial fraud. The past quarter was also marked by a surge in malware attacks utilizing PDF files and new techniques of exploiting Google to steal information.
Also Read: Identity Management in the Cloud – Mitigating Security Concerns
It’s clear that cybercriminals have shifted from relying only on social engineering tactics to further exploiting trusted digital mediums. Whether this is highly believable deepfake video scams, as we’ve recently seen with targeted videos featuring finance expert Martin Lewis, or threats spreading through PDF files, utilizing the multi-platform compatibility of PDF attachments – the ever-changing digital landscape is offering new avenues for cybercriminals to capitalize on. The way we as consumers (and workers) now use our digital devices has transformed how cybercriminals work, and where they are now looking to exploit the vulnerabilities inherent in our everyday digital life.
PDF Caution – Be Careful What You Open
In the three months of 2023, Avast blocked more than 10 million PDF-based attacks, protecting more than 4 million users worldwide. Threat actors turned their attention to PDF files in the final months of the year, weaving a complex web of attacks. Avast researchers observed a number of differing PDF-related threats and scams, ranging from simple lottery and dating scams to documents containing deceptive information, such as phishing links directing people to pages mimicking well-known brands like Amazon or Netflix.
The abundance of PDF-based cyber threats outlines a significant shift in the tactics of cybercriminals. PDF files are popular due to their platform-agnostic nature, which allows them to be seamlessly opened from any device, making them the ultimate delivery payload. Furthermore, spam gateways often allow PDF attachments by default, adding another layer of vulnerability.
Scams Are Getting Tougher to Tackle, From Push Notifications to Deepfakes
Web threats continued to dominate in 2023. Scams, phishing, and malvertising ranked as the top threat types overall. The continued use of malicious browser push notifications has escalated considerably and has become a preferred tool for scammers across various domains, from adult content sites to technical support scams.
As we look closer at the methods of delivery for scams, AI continues to be used by criminals to create more believable scams. Deepfake videos, which can include celebrities and people of note, often endorsing investment scams, displayed a heightened level of sophistication in the year’s final quarter, challenging the ability to distinguish between real and fabricated content.
The Exploitation of Cookies
The last quarter of 2023 brought a fascinating new stealing capability, which was rapidly altered by those seeking to steal information. By abusing the Google OAuth endpoint, which is used for synchronizing accounts across Google services, attackers were able recover authentication cookies. This type of cookie can store a unique identifier that verifies a user’s identity and permissions when accessing websites. With authentication cookies, threat actors are able to gain access to login information and other sensitive data.
With the rapid integration of malicious push notifications, PDF deception and cookies exploitation, now more than ever it’s essential for users to be vigilant when accessing content and data online. Utilizing tools at their disposal to stay safe has to be a necessity in 2024, given the complexities of attackers and the rapid adoption of AI by hackers. As we look ahead to the next Avast Threat Report for Q1 2024, whilst we hope to see a reduction in attacks blocked, with the tools at attackers’ disposal, this looks more like a daydream. A silver lining, however, is that cybersecurity tools, such as Norton Genie, are equally as sophisticated, leveraging the latest technologies and AI to prevent disaster.
Check Out The New ITsecuritywire Podcast. For more such updates follow us on Google News ITsecuritywire News.
