Cybersecurity giant Avast has published its Q4 2022 Threat Report, which takes a closer look at the type of scams targeting vulnerable users.
Some of the most notable scams have been social engineering that exposes human error, such as refund and billing fraud tactics, as well as alleged tech support scams. Lottery-themed adware campaigns remained as widespread as in previous quarters.
In addition to scams, the company noticed a few zero-day exploits in Chrome and Windows, which have since been patched, highlighting the importance for users to keep software up to date.
Popular email scam
Jakub Kroustek, research director of Avast Malware, explained that cybercriminals attribute much of their success to human nature, leading us to respond with urgency and fear as we try to regain control of the problems.
Kroustek’s advice is: “If people are confronted with surprising pop-up messages or emails, we advise them to keep calm and think before acting.”
During the final months of 2022 leading up to Christmas, an alarming increase in chargebacks and billing fraud was seen as misguided users gave malicious actors control of their screen and online banking. Instead of calling the number on the scam email, insecure users may want to go directly to the platform’s website and use a number they are sure of.
Data theft also occurred in several lottery-type pop-ups, as well as the Arkei information thief, which saw a staggering 437% increase. Arkei is known for stealing information from, among other things, the automatically filled forms of browsers.
Finally, a few zero-day exploits were found in Google Chrome and Windows. Avast says both companies were notified and responded immediately, minimizing risk to users.