How online criminals prey on you
Scams involving social engineering over email and text are up 40 per cent compared to this time last year, according to a major antivirus software company.
Avast, a Czech-based multinational cybersecurity firm, has released its latest threat report covering the first quarter of 2023.
It found two-out-of-three online threats people encounter use social engineering techniques, taking advantage of human weakness.
This includes scams like phishing and smishing, where a scammer will try and trick people into giving up sensitive information such as passwords or their tax file number through email or SMS.
Avast malware research director Jakub Kroustek said this can lead to identity theft, ruined credit scores, or the information being sold on the dark web.
“If you think your data has no value then why would scammers spend so much time trying to steal your data if it’s worthless?” Mr Kroustek said.
“The truth is that anyone can be affected and it is important to stay vigilant and use proper protection.
“Unfortunately, scammers have made it nearly impossible to take any message at face value – all communications, whether seemingly from a friend, boss or household brand, have potential to be fraudulent.”
Two apps in particular have been repeatedly used to load malware into people’s systems: Microsoft OneNote and Adobe Acrobat Sign.
The OneNote attachments on scam emails install malware when opened, while Adobe Sign documents can contain malicious links, and appear to be sent from legitimate Adobe email addresses.
“My advice is to take extra caution with any email asking you to download files or click on a link, even those that appear to be from reputable brands,” said Mr Kroustek.
“Scammers often play off victims’ emotions by creating a sense of urgency in their messages.
“If you receive an email or text out of the blue with an urgent request, or a message that seems too good to be true, take a few extra moments to verify it before acting.
“Always take a close look to confirm that an email or text is coming from a trusted sender, and if you have any doubt, go directly to the source, whether that be a person you know or a company’s help portal.”