Anyone with an email account needs to remain cautious with security experts warning that cyber attacks are on the rise. The team at Avast say there has been a significant increase in online threats during the first part of the year with most targeting victims via their email accounts.
Perhaps one of the most terrifying new threats is a message that claims to be from trusted firms such as Microsoft or Adobe.
These messages look real, but they contain a nasty surprise. As soon as the included attachment is opened, it triggers the instant download of malware onto a device.
Avast says it has spotted vicious bugs such as Qbot and Raccoon using this distribution technique to steal information, and has also observed something called IcedID, a banking Trojan, using OneNote attachments to steal money.
“My advice is to take extra caution with any email asking you to download files or click on a link, even those that appear to be from reputable brands,” said Avast’s Jakub Kroustek.
“Cyber Safety software can act as a safety net for providing an extra layer of security to these types of savvy attacks that are increasingly targeting people.”
Along with those dangerous attachments, Avast also found a 40% rise in the share of phishing and smishing attacks over the previous year.
These scams often use urgency in the message to try and trick people into clicking on links and entering personal details such as user names and even passwords.
When this data gets into the wrong hands, cybercriminals have the arsenal to easily steal someone’s identity. This can lead to a nightmare of events, from scammers ruining people’s credit score, to selling their information on the dark web, and even impersonating people to pass background checks.
“If you think your data has no value then why would scammers spend so much time trying to steal your data if it’s worthless? The truth is that anyone can be affected and it is important to stay vigilant and use proper protection,” added Kroustek, Avast Malware Research Director. “Unfortunately, scammers have made it nearly impossible to take any message as face value – all communications, whether seemingly from a friend, boss, or household brand, have potential to be fraudulent.”
One final thing to watch out for are refund and invoice scams. These had a sharp uptick in Q1 2023, rising 26% in the UK compared to Q4 2022 according to Avast.
Fraudsters use this method to send false bills or invoices for goods or services that were never ordered or received. Scammers even use household names with recognizable branding and logos to make these scams appear legitimate. Invoice scams had a sharp uptick in Q1 2023, rising 26% in the UK compared to Q4 2022.
Always take care when opening any emails and only download files or click on links if you are 100% sure the message is genuine.
"Scammers often play off victims’ emotions by creating a sense of urgency in their messages. If you receive an email or text out of the blue with an urgent request, or a message that seems too good to be true, take a few extra moments to verify it before acting,” added Kroustek.
"Always take a close look to confirm that an email or text is coming from a trusted sender, and if you have any doubt, go directly to the source, whether that be a person you know or a company’s help portal."
