While these trends might seem scary, there are easy ways to protect yourself, your loved ones, and your business.
The end of the year is traditionally a time of reflection. In many industries — including cybersecurity and online privacy — it’s also a time of prediction around the year to come. This year, Avast has three major predictions for 2023: Ransomware will become an increasingly serious problem, scams will continue to be a favorite method for cyber criminals, and cybercrime as a business will become even more sophisticated.
Ransomware gets worse
Ransomware continued to be a profitable crime in 2022, as cybercriminals used phishing attacks and other social engineering techniques to gain access to the systems of both public and private organizations. From hospitals to big corporations to individuals, it seemed no one was safe.
“This year, we saw cybergangs threatening to publicly publish their targets’ data if a ransom isn’t paid, and we expect this trend to only grow in 2023,” says Michal Salat, Threat Intelligence Director at Avast. “This puts people’s personal memories at risk and poses a double risk for businesses. Both the loss of sensitive files, plus a data breach, can have severe consequences for their business and reputation.”
For 2023, Salat and his team expect to see a continued rise in this type of attack.
Scamdemic 2022 becomes Scamdemic 2023
The 2022 “Scamdemic” saw everything from romance scams to Covid-19 scams to tech support scams and more proliferating as cybercriminals went after individuals worldwide. This may be due, at least in part, to software solutions that thwart cybercrimes become more sophisticated, making people easier targets than devices.
“We’ve been living in a scamdemic for some time now, and there are no signs of a slow-down,” says Salat. “Cybergroups go to many lengths to tap into people’s worst fears to deceive them into sending money or giving up personal data because it is easier to make people vulnerable than hacking their devices. “
In addition to the plethora of scams seen in 2022, Salat expects to see some relative newcomers to the field in 2023.
“Next year, we expect to see attacks playing with people’s economic and environmental concerns,” Salat says. “Scams are not just flooding people’s inboxes in the form of phishing emails, but are bombarding people’s text messaging apps, and are keeping their phones ringing.”
Cybercriminals get more professional
We’ve said it before and we’ll say it again: Cybercrime is, first and foremost, a business. And, similar to non-criminal industries, it evolves and changes. In 2022 we saw increased professionalization in the form of conglomerates forming and even a ransomware group offering a bug bounty program. But perhaps even more worrying is the intrusion of cybercriminal recruiting into spaces where young people hang out.
“Cybercrime has been a growing business for years, but we have started to see open-source malware become more readily available and distributed on platforms like Discord,” Salat says.
“People, including young people with less technical knowledge, can now get their hands on malware and may be more inclined to join the dark side given current economic hardships.”
Cybercriminal groups have also started paying common people to participate in their crimes, a trend that Salat expects to see continue in 2023.
“We have also seen criminal groups recruiting and paying people money to carry out DDoS attacks, or install ransomware on their employers' devices, for example,” Salat says.
Not only will we see more malicious activities thanks to software as a service, the distribution of software to carry out DDoS attacks, and easily accessible open-source malware, but this could be stepping stones towards a career as a cybercriminal.”
But, while these trends might seem scary, there are easy ways to protect yourself, your loved ones, and your businesses. Here are our top tips for avoiding getting scammed or becoming a ransomware victim.
How to protect yourself against scams
-
Research companies and websites before buying. No matter how urgent the offer may seem, or how badly you want the item or service, do your research first. Read the website’s corporate information, terms of service and privacy policy — many scam websites will have basic versions if anything at all. Look up customer reviews and see what other people have to say.
-
Pay with a credit card or trusted payment processor. Compared to debit cards and bank transfers, credit cards are far more secure. Your credit card company is on your side when it comes to fraud. When you’ve been ripped off, chargebacks are your friend.
-
Avoid links and downloads. Scammers can use attachments and websites to infect your computer with malware. For example, trojans often slip onto your device while disguised as harmless attachments, and those Trojans can then bring rootkits, spyware or adware with them. Some malware will just show you ads, while others can be far more damaging.
-
Keep personal information to yourself. You know how many websites ask you to answer a series of security questions in case you need to recover your password? Remember which information you’ve set as security measures, and don’t share it. Otherwise, scammers can answer your security questions with ease. Of course, this also applies to things like login credentials and account numbers.
-
Secure yourself online. If a website offers two-factor authentication, use it. It’s not bulletproof, but it’s better than nothing. Use strong, unique passwords on the websites you frequent, and store them more securely with a dependable password manager.
How to help to prevent ransomware
-
Keep your software updated. Making sure your OS and apps get new updates as soon as they’re released will plug security holes and prevent hackers from using exploits to deploy ransomware.
-
Backup your system regularly. Ransomware typically gains its power from blocking access to important files. If you have the files backed up safely elsewhere, your chances of losing them to ransomware are reduced. Perform regular backups of your system and files — cloud services and physical storage are both viable options, and you should use both if you can. If your device lets you set an automatic backup schedule, do that as well.
-
Use an ad blocker. Load up your browser with an ad blocker to shield yourself from malvertising and drive-by-downloads: two ad-related ways ransomware can make its way into your system.
-
Be skeptical. Be wary of strange links sent in emails or on other messaging platforms. Even if the link comes from someone you know, they could have been hacked. Learn the signs of unsafe websites and avoid visiting them.
-
Use an antivirus. Ransomware can hurt you only if it can reach you. Employ a robust cybersecurity app that helps block malware and viruses before they can get anywhere near you. Avast One helps block unsafe links, sketchy downloads, and unsecure websites.