2023 is just about here, and you should start to plan for the new year. Sixty-eight percent of surveyed business leaders feel that cybersecurity risks are getting worse and this is the area you should start to take seriously (if you haven’t already) and look at the attack trends.
Knowing things like the following are important to know, as they help you to better update your IT security to mitigate the risk of a data breach or malware infection:
What new methods are hackers using?
What types of attacks are increasing in volume?
What are the latest protection methods?
We have researched what cybersecurity experts are expecting for the upcoming year and here are the attack trends that you need to watch out for.
Mobile Device Attacks
Our mobile devices go with us just about everywhere these days. In the future look for more mobile device-based attacks, including mobile malware and SMS-based phishing (AKA smishing).
Mobile numbers are nor as private as they once were and many people are not expecting to receive fake messages to their personal numbers, which makes this a lucrative method for the bad guys. They craft convincing fake text messages that look like invoices or courier deliveries and one wrong click is all it takes for an account or data breach.
It is important to ensure that you have good mobile security software as mobile malware is also on the rise – during the first few months of 2022, malware targeted to mobile devices rose by 500%.
Attacks Surrounding World Events
During the pandemic, cyberattacks increased by approximately 600%. Large criminal hacking groups realized that world events and disasters are lucrative and specifically use them to launch phishing campaigns. Attacks come for everything from the latest bad weather event (floods, droughts, earthquakes, hurricane etc) to a war. Unsuspecting people fall for these scams as they are often distracted by the event.
People need to be especially mindful of scams surrounding events like these as cyber criminals will often use social engineering tactics, such as sad photos, to play on the emotions of people.
MFA Bypass
This alarming new trend is designed to get past one of the best forms of account security – MFA. Multi-factor authentication (MFA) is well-known as very effective at preventing fraudulent sign-in attempts and can stop account takeovers even in cases where the criminal has the user’s password.
There are a few different ways that digital criminals try to bypass MFA. These include:
- Reusing a token: Gaining access to a recent user OTP (One Time Password) and trying to reuse it
- Sharing unused tokens: The hacker uses their own account to get an OTP. Then attempts to use that OTP on a different account.
- Leaked token: Using an OTP token leaked through a web application.
- Password reset function: A hacker uses phishing to fool the user into resetting a password. They then trick them into handing over their OTP via text or email.
So do no think that because you are using MFA that you are immune to an attack.
Advanced Phishing Attacks
These days, phishing emails are not so easy to spot. In days gone past it used to be that they nearly always had spelling errors, grammar issues or other mistakes that were easy to spot.
While some still do, most do not anymore, making them much harder to detect. Criminal groups elevate today’s phishing attacks by using AI and machine learning. Not only will the emails look identical to a real brand’s emails, they will also come personalised.
So be extra vigilant with all emails.
Schedule a Cybersecurity Check-Up Today
So is your business prepared for the cyber threats coming in 2022? Do not wait to find out the hard way! If you are in Australia, contact us today and schedule a cybersecurity check-up to stay one step ahead of the digital criminals.
