
Cyber criminals are using ever more insidious
means to steal money and spread malware, according to the Avast Q4/2022 Threat Report.
For instance, there was an 14% uptick in refund and invoice fraud from October to November
2022, and a 22% hike in December.
With this scam, victims typically receive an email containing a fake receipt. This may lead them to believe they were charged for a purchase they didn’t
make. They may be tricked into calling a phone number and creating a remote connection, opening their bank account for a refund.
Invoice fraud consists of a bill being sent for services never
received. Companies are particularly targeted for this type of scam.
Avast also saw an increase in tech support schemes, especially in the U.S., Brazil, Japan, Canada and France. These
often start with a pop-up window alerting consumers of an alleged malware infection. Again, it urges them to call and set up a remote connection to their computer. The result is that money is stolen
from their bank account or crypto wallet and personal information collected.
In addition, Avast detected a 437% worldwide spread of the Arkei information stealer, which steals
stealing data from browsers' autofill forms, passwords and other sources, and a 37% increase in RedLine stealer, a form of tech abuse that spreads in cracked games and services and steals information
from browsers and cryptowallets.
"At the end of 2022, we have seen an increase in human-centered threats, such as scams tricking people into thinking their computer is infected, or that they
have been charged for goods they didn't order,” states said Jakub Kroustek, Avast Malware Research Director.
Avast urges consumers to “stay calm and take a moment to think before
they act” when faced with pop-up messages.