3 trending cyber threats in 2023

In today’s connected world, cyber threats can be present in almost any setting. They can be sitting on the desk in your child’s bedroom. Or on a family laptop you’ve connected to a free access point as you wait to board a flight. They can even be installed on the phone in your pocket. And these threats could ultimately lead to you becoming the victim of a data breach, trojan infection or worse.

Cyber threats are on the rise

Unfortunately, thanks to the financial incentives for scammers, too many of us will become victims of cyber crime. And one in three internet users say they’ve experienced cyber crime in the last 12 months, according to a 2022 F‑Secure survey (source: F‑Secure Simply Protected Consumer Survey, December 2022).

Every­thing is financially motivated, said Tom Gaffney, Director of Business Development, Network Services at F‑Secure. It’s all about money. So cyber criminals will go where the money is, and where the money is for them centers around volume and vulnerability.

Making sense of cyber threats

So, we know cyber threats are out there. But what do they actually look like? And how do they affect their victims? In this post we reveal how three trending methods — info­stealing, phishing and bad Android apps — are spread and operate in the wild. With the goal of showing you how to avoid and identify trending cyber threats before any serious harm is done.

1. Info­stealers

Info­stealers, also known as information stealers, have become the most common type of malware, with RedLine stealer being the most prominent cyber threats in this category.

Info­stealers it the definition of a trojan, which is malware designed to mislead users by posing as legitimate soft­ware, such as a mobile banking app. And info­stealers are also able to capture data such as account pass­words, crypto­currency details and credit card information.

How info­stealing works

Criminals lure victims into installing info­stealers by tricking them into clicking on malicious attachments or links, which — once a user clicks on them — unwittingly starts the installation. When running on the victim’s PC, the info­stealer then collects targeted information and awaits further instructions.

Once installed, the info­stealer will run silently, sucking up targeted data, including credentials stored on the browser, instant messages, screen captures and more. And the stolen credentials are then packaged up into logs, before being sent back to cyber criminals, who will usually list them for sale on the dark web (although not all info­stealing is financially motivated, with vulnerable groups some­times targeted using such methods).

Dealing with info­stealers

When it comes to info­stealers, prevention is the best course of action, because — by design — info­stealers are created to avoid detection; this means you should only down­load soft­ware from trusted and official sources, and avoid opening attachments and clicking links within messages from unknown senders.

However, prevention isn’t always possible, and you can gain added protection from info­stealers via anti‑malware soft­ware such as F‑Secure Total, which will stop them installing or running on your devices. F‑Secure Total does this by recognising info­stealers directly via their signatures and suspicious behaviour. And it will also stop you visiting malicious web­sites that spread info­stealers, using browsing protection.

Another way to ensure you stay secure is to choose security soft­ware with additional banking and shopping protections, which can spot fake web­sites and protect your connection to banking services.

In the event that an infection is found, change any pass­words that may be stored in your browser, along with the login and pass­word credentials for any services you’ve accessed through your PC, using a tool like F‑Secure’s strong pass­word generator.

2. Phishing

Phishing describes a cyber attack that tricks users out of private information, or convinces them to click on links or attachments that link to malware. The attacks are usually distributed via digital communication, including email, SMS and social media messages. And they rely on different tactics to build trust and create a sense of urgency with victims, who are ultimately lured into handing out sensitive information and money (or are tricked into clicking on a bad link).

How phishing works

Criminals start by establishing a realistic looking phishing site, email, SMS message or other form of digital communication; these often take the form of an update, warning recipients that their details have expired or a payment has been declined. Criminals then send these phishing messages to a large contacts list, usually based on breached, leaked or scraped data.

Because of the scale of phishing attacks, scammers only need to successfully dupe a fraction of the people they target. And once they do, the victim is directed to a real‑looking version of the site being simulated, where they then hand over their details or click on malicious links.

Dealing with phishing

If you’ve fallen victim to phishing then you should change any affected pass­words. And if you’ve entered credit card details or financial information, contact your bank, and follow their instructions, such as cancelling your card or setting up a fraud alert on the account.

Unfortunately, you may not know if you’ve fallen for a phishing scam, so use a service like F‑Secure ID Protection to monitor if your data is on the dark web.

3. Bad Android apps

Cyber threats targeting Android devices are on the increase, and — according to F‑Secure infection hits data — 32% of these are malware (with 66% qualifying as potentially unwanted apps, or PUAs, which, though less harmful than malware, can still slow down your device, collect data and affect functionality).

The line between potentially unwanted apps and malware can be blurry. However, malicious apps cross the line by taking over users’ accounts, with Android malware including banking trojans, such as SharkBot, which steals user credentials. And in recent months, threats including SharkBot have started to appear in the official Play Store.

How bad Android apps work

A common scenario is that someone is using an app such as SnapTube, a popular free Android video down­loading app, and then sees an in‑app advert for a bad app like YoWhatsApp (an unofficial version of WhatsApp). Once installed, the app functions just like the official WhatsApp.

Unfortunately, the installation also grants the Triada trojan the same permissions as the app, enabling criminals to upgrade users to premium subscriptions without their permission. And their WhatsApp accounts are also at risk of being hijacked and used for carrying out other attacks.

Dealing with bad Android apps

If you think an app is tracking you or contains malware, delete it — especially if it didn’t come via the official store. To do this, open Settings in Android. Choose Apps & notifications and See all apps. Select what to uninstall and follow the instructions. If it doesn’t work, hold Power Off for a few seconds to restart in Safe mode and then try again.