Latest Avast Threat Report Finds 50% Surge Fueled by AI-Supported Finance and Dating Scams, Mobile Scams, Adware, Spyware and Malvertising
Although less people spent time online in July, August and September, Avast, a leader in digital security and privacy, and a brand of Gen™ (NASDAQ: GEN), has blocked over 1 billion attacks per month – a record high. The latest Avast Threat Report, released today, breaks down some of the greatest risks in our connected digital world, from cybercriminals using social engineering and AI while running scams to the rise in adware and malvertising.
“Typically, during vacation times people spend less time online, and in turn, we see less cyber threats. This year, we were blown away to see the opposite,” said Jakub Kroustek, Avast Malware Research Director. “Apparently the days of cyberthreat seasonality are long gone with the increased use of AI and advanced tools at the fingertips of cybercriminals. Whether people are using social media, dating online, streaming shows or even just answering emails, it’s important they’re aware of potential threats when they go about their day-to-day activities.”
Threats Hidden in Ads and Spyware
- Adware: Adware doubled globally from July through September 2023 over the previous quarter. A new strain of mobile adware dubbed “Invisible Adware” has already gathered over two million downloads in the Google Play Store. These applications display advertisements while the device screen is off, gaining revenue through fake clicks and views. This is not only contributing to ad fraud but can also impact battery life and potentially install dangerous software without a person’s knowledge.
- Malvertising: Malvertising activity spiked significantly, especially during September as people returned to school and work after vacation. Using pop-up messages and push notifications, cybercriminals exploit recognizable logos of well-known companies, usually informing people that their device has been infected with a virus. These pop-ups lead to a phishing website where they are asked to enter credit card information under the guise of providing antivirus services. Push notifications are especially effective on mobile, where they can be easily disguised as system notifications such as an unanswered call or a new text message.
- Spyware: People should also be wary of spyware apps on their mobile devices, which are now more difficult to spot. One of the most recent is the fake Red Alert missile waring app that is used by many in Israel to monitor missile warnings. This app was distributed through a phishing website and contained identical features as the original with added abilities that allow it to spy on its victims. This included extracting the call log, SMS lists, location, and emails.
Finance and Dating Scams
- Finance Scams: While people were enjoying time away from their devices, scammers were hard at work. The risk of encountering scams has grown significantly, with the most affected countries being Japan (+19%), Greece (+17%), United States (+14%), Austria (+13%), and Germany (+12%). Social media sites have become global platforms for spreading highly targeted and precisely tailored cryptocurrency scams. These scams are often initiated with a deepfake video of a famous personality, such as Elon Musk, Mr. Beast, Donald Trump and others, promising a significant amount of bitcoin if people sign up for a promoted platform and pay a small fee to verify their account. Victims find that not only is the promised bitcoin unattainable, but any transferred funds to the platform are irretrievably lost to the scammers.
- Dating Scams: Avast researchers recently discovered a threat called Love-GPT. This AI-driven tool helps scammers create realistic personas on popular dating apps, allowing them to reach out to even more victims. The level of dating scams increased by 34% globally, with Belgium, Germany, Canada, and the United States being the most frequently targeted countries.