In the concluding quarter of 2023, Avast observed an alarming escalation in cyber threats, with over 10 million attacks involving PDF files alone, affecting more than 4 million users worldwide. These attacks ranged from simple lottery and dating scams to more elaborate schemes involving phishing links that mimic reputable brands such as Netflix or Amazon. The report also noted an increased use of deepfake videos and malicious browser notifications by scammers to create more convincing and challenging-to-detect frauds.
Key Highlights:
- Scams and Phishing: Over 75% of cyber threats comprised scams, phishing, and malvertising, with a notable use of malicious push notifications and deepfakes.
- PDF File Exploits: More than 10 million PDF-based attacks were thwarted, protecting over 4 million users globally.
- Sophisticated Techniques: Cybercriminals are increasingly exploiting digital mediums and trusted platforms to conduct their attacks.
- Information Theft: New tactics have been observed, such as exploiting Google OAuth endpoints to steal authentication cookies, enabling unauthorized access to sensitive data.
Jakub Křoustek, Malware Research Director at Avast, stressed the importance of being vigilant online and the need for tools to enhance digital safety in light of these evolving threats. The report further detailed the emergence of information stealers exploiting cookies, particularly through the abuse of Google OAuth endpoints, a method first adopted by the malware-as-a-service stealer Lumma.
For those interested in learning more about the evolving cyber threat landscape and the detailed findings of Avast’s Q4 2023 threat report, further information is available on Avast’s official blog.
 
 

 
                                
                              
		 
		 
		 
		 
		 
		 
		 
		 
		 
		 
		 
		 
		 
		