Avast Threat Report Consumers Plagued with Refund Fraud, Tech Support Scams and Adware

Avast, a leader in digital security and privacy, and a brand of Gen saw an increase in threats using social engineering to steal money, such as refund and invoice fraud and tech support scams, during Q4 of the calendar year 2022. Cybercriminals also remained active in spying and information stealing, with lottery-themed adware campaigns used as a tactic to obtain people’s contact details. Avast threat researchers also discovered zero-day exploits in Google Chrome and Windows. These vulnerabilities have since been patched. These insights are covered in the Avast Q4/2022 Threat Report.

Recommended AI News: Complete Verkada Platform is Now Available Across the UK and Europe

“At the end of 2022, we have seen an increase in human-centered threats, such as scams tricking people into thinking their computer is infected, or that they have been charged for goods they didn’t order. It’s human nature to react to urgency, fear and try to regain control of issues, and that’s where cybercriminals succeed,” said Jakub Kroustek, Avast Malware Research Director. “When people face surprising pop-up messages or emails, we recommend they stay calm and take a moment to think before they act. Threats are so ubiquitous today that it’s hard for consumers to keep up. It is our mission to help protect people by detecting threats and alerting users before they can do any harm, using the latest AI-based technology.”

Growth in refund and invoice fraud, and tech support scams
The Avast threat labs also saw an increase in tech support scam activity. Top affected countries include the United States, Brazil, Japan, Canada, and France. These scams often start with a pop-up window that alerts people of an alleged malware infection and urges them to call a helpline to resolve the issue. Scammers will convince the caller to set up a remote connection to their computer, opening the door to theft of personal information and money, as the criminals try to access people’s bank accounts or crypto wallets, and ask for a payment for their services.

“We recommend people ignore such pop-up messages and close the window with the escape key, or if that’s not possible, restart their computer,” advises Kroustek. “Also, never give remote access to your computer to somebody you don’t know.”

Recommended AI News: Blotout Announces New Partnership with Fastly to Improve Meta Ad Spend with Blotout’s EdgeTag

The Avast threat labs also saw an uptick in refund and invoice fraud of 14% from October to November 2022, and another increase of 22% in December. Refund fraud works in a comparable way to tech support scams, and often comes in the form of an email that looks like it was sent from a trusted company. People will receive an email including a fake receipt making them believe they were charged for a purchase they didn’t make. People are then tricked into calling a phone number, where an agent asks them to create a remote connection to their computer and open their banking account, so the person can see how the refund is done. The goal of the attacker is to steal the person’s money. In the case of invoice fraud, people, and more often businesses, receive bills for goods or services the business never ordered or received.

“To avoid invoice fraud, people need to pay close attention to invoices they receive. Fraudulent invoices often look legitimate, and people need to verify whether an order really was made, the service received, and whether the sender is truly who they pretend to be,” said Kroustek.

Recommended AI News: Raising the Ceiling of Code-Free Programming for Robotics and Industrial Automation

[To share your insights with us, please write to sghosh@martechseries.com]