McAfee 2023 Consumer Threat Predictions: Evolution and Exploitation
McAfee shared its 2023 cyber threat predictions, offering an overview of the key trends and treats that consumers should be aware of in the year ahead. This past year saw the continued evolution of cyber scams, which are unlikely to slow down, as well as greater adoption of Chrome as an operating system. The introduction of AI tools that are easy and accessible to virtually anyone with a phone or laptop continues to pose significant implications, as does the fluctuating popularity of crypto currency and the emergence of “Web3”. All of these set the stage for a 2023 that promises advancement not only in how we interact with technology, but also in how bad actors are able to exploit it, and in turn us.
McAfee encourages consumers to protect themselves online by being critical when assessing whether a website or source is genuine, and ensuring they are using legitimate sites for online payments and transactions. As the new year begins, the company suggest consumers be mindful of the content they consume and the sources that it originates from. Fact checking images, videos, and news content, something that’s already on the rise, will continue to be a necessary and valuable part of media consumption. This conscientious approach can also help consumers identify disinformation or misinformation online. Disinformation is introduced to the internet or social media channels via a bad actor with malicious intent, which then spreads as misinformation by people who take it to be fact. Additionally, it’s important that users read the terms and conditions of any app they download or service they seek, especially those that will be accessing any type of financial institution or currency, whether traditional or crypto. Always use a trusted provider and be wary of clicking on online ads.
Below are McAfee’s 2023 Threat Predictions
AI Goes Mainstream and the Distribution of Disinformation Rises
Humans have been fascinated with and fearful of Artificial Intelligence almost as long as we’ve been using computers. The reality of current AI technologies is both more complicated and less autonomous. While AI is rapidly evolving, it is still humans at the heart of its nefarious uses.
- Availability of applications for public use: Over the last few months, AI generated images, videos and even voices are no longer something that only a select few are capable of – now anyone with a phone or computer can take advantage of this technology by using AI applications.
- Content creation tools available to the masses: Consumers at home and employees at work will have the ability to create AI-generated content in minutes. Similarly, desktop publishing, photo editing and inexpensive photorealistic home printers will enable sophisticated outputs which previously required professional expertise.
- Vulnerabilities with next-generation content tools: Advances in desktop publishing and consumer printing also provided benefits to criminals by enabling better counterfeiting and more realistic manipulation of images.
From cyber criminals to those seeking to falsely influence public opinion, these tools will empower scammers, and propagandists to take their tradecraft to the next level with more realistic results and significantly improved efficiency.
Web3 Threats Will Take Advantage of Fear of Missing out (FOMO)
With the pandemic, the hype around crypto, Bitcoin, NFTs skyrocketed. Out of which rose the concept of Web3 which encompasses decentralized internet services.
Some amateur investors, remembering the rapid rise of the value of Bitcoin earlier this decade, won’t want to miss out on what they think will be a great opportunity to get rich quick. Consumers will begin to explore these Web3 offerings without fully understanding what they mean or what dangers they should be aware of, leaving them open to scams as they invest time and money into crypto or creating their own NFT content. It’s this group that bad actors will seek to exploit, offering up links or applications that play on these users’ crypto/Web3 FOMO.
These scams could entice users to click on a link or download an app that appears to legitimately interact with some blockchains, but in actuality:
- Does not have the functionality to interact with any blockchain
- Are designed to collect traditional currency for fees or services that do not actually provide any value
- Possess aggressive adware that compromises user’s privacy, time, device performance, data usage and drains their device battery
Additionally, when consumers do hold crypto, NFT, digital land or other blockchain financial assets they are going to be targeted for more sophisticated threats that can drain their funds. Smart contracts, exchanges, digital wallets, and synchronization services can all be associated with hidden authorizations that allow a third party (potentially a bad actor) to take control of the assets.
Old scams, New Baits
McAfee predicts four primary scams with newer hooks which consumers need to beware of:
- Cryptocurrency Scams: In 2022, McAfee saw several online scams making use of existing content to make crypto scams more believable. One such example was the double your money cryptocurrency scam that used an old Elon Musk video as a lure. McAfee expects this to evolve in 2023 and make use of deep fake videos as well as audio to trick victims into parting ways with their hard-earned money.
- Investment Scams: The financial outlook of 2023 shows that it will likely be a tough year for most people. During these times, people often look for ways to make some extra money which can leave them vulnerable to social media messages and online ads that offer huge financial gains for little investment.
- Fake Loans: Fake loan scam is one such scam still on the rise targeting desperate victims with attractive schemes by unauthorized providers. McAfee predicts that there will be a large increase in these types of scams in 2023. Fake loan apps have been seen to provide victims with a direct loan then charging high interest rates with short repayment periods.
- Metaverse: Metaverses such as Facebook’s Horizon enable their users to explore an online world that was previously unimaginable. When these platforms are in the early stages, malicious actors will usually attempt to exploit the lack of understanding of how they work and use this to scam people. McAfee expects such phishing campaigns to increase dramatically in 2023 as their user bases increase.
The Rise of ChromeOS Threats
Thanks to the rise of the mobile internet, device diversity has greatly evolved, setting the stage for a marked increase in threats impacting Chromebooks in the year to come. In 2023, we can expect to see Chromebook users among millions of unsuspecting victims targeted to download and run malicious content. Whether appearing to be legitimate Android Apps, Progressive Web Apps, or Chrome Web Store extensions, users should be leery of popups and push notifications urging them to install untrusted apps.
- ChromeOS’ ability to run Android applications combined with wide-spread adoption provides the climate for increased attention by those with ill intentions. The ultimate vectors are those which impact users across a spectrum of devices. Email and web-based scams (some of which are outlined in the blog above) are as prolific as ever as these technologies are ubiquitous.
- Adoption of Progressive Web Apps (PWAs) provides bad actors with additional incentive to deliver deceptive and imposter attacks through this mulit-os channel, including ChromeOS, iOS, MacOS, and Windows.