Story image

Cybercriminals phish 'the human factor' for everything it's worth

23 Apr 18

Cyber attackers are increasingly preying on human vulnerabilities and less on technical system flaws to create mayhem – or at least that’s what one report from Proofpoint claims.

The annual Human Factor report says that email continues to be the top attack vector of choice – and that 32% of clicks in malicious emails within 10 minutes of delivery. By one hour, that rises to 52%.

“Threat actors continue to find new ways to exploit our natural curiosity, desire to be helpful, love of a good bargain, and even our time constraints to convince us to click,” comments Proofpoint vice president of threat operations Kevin Epstein.

Phishing emails related to Dropbox were the top lure for phishing attacks, however Docusign phishing click rates exceeded those to Dropbox.

80% of malicious emails distribute ransomware and banking Trojans. Banking Trojans in particular appeared in 30% of malicious emails across Japan, Australia, and Europe. Japan was also targeted by the highest regional level of downloader activity in emails.

Business email compromise and fraud attacks affected 80% of organisations.

The study says that there was a 1850% year-on-year increase in the number of email fraud emails using language related to legal advice or practices in their subject lines.

Education, management consulting, and entertainment/media industries experienced the greatest number of email fraud attacks, averaging more than 250 attacks per organisation.

Education was the most-targeted vertical with an average number of attacks per organisation almost four times the average across all industries (up 120% year-over-year).

Construction, manufacturing, and technology topped the most phished industries, while manufacturing, healthcare, and technology were the top targets of crimeware, which aims to steal identities for financial gain.

“Our research clearly shows that it’s imperative to stop threats before they reach users over email, cloud applications, and social networks. Reducing initial exposure minimizes the chances that an organisation will experience a confidential data breach, business disruption, or direct financial loss,” Epstein continues.

The report also looked at social media attacks and found that 55% of social media customer support attacks went after customers of financial services organisations.

Organisations also need to be aware of criminals’ ability to typosquat, where they register fake websites with domains similar to genuine websites. Victims of phishing attacks are more likely to mistake these fake domains for their legitimate counterparts.

The report says that 40% of advanced persistent threat (APT) activity went after government and defence industries, but no industry is exempt.

Disruption in the supply chain: Why IT resilience is a collective responsibility
"A truly resilient organisation will invest in building strong relationships while the sun shines so they can draw on goodwill when it rains."
Businesses too slow on attack detection – CrowdStrike
The 2018 CrowdStrike Services Cyber Intrusion Casebook reveals IR strategies, lessons learned, and trends derived from more than 200 cases.
Proofpoint launches feature to identify most targeted users
“One of the largest security industry misconceptions is that most cyberattacks target top executives and management.”
McAfee named Leader in Magic Quadrant an eighth time
The company has been once again named as a Leader in the Gartner Magic Quadrant for Security Information and Event Management.
Symantec and Fortinet partner for integration
The partnership will deliver essential security controls across endpoint, network, and cloud environments.
Is Supermicro innocent? 3rd party test finds no malicious hardware
One of the larger scandals within IT circles took place this year with Bloomberg firing shots at Supermicro - now Supermicro is firing back.
25% of malicious emails still make it through to recipients
Popular email security programmes may fail to detect as much as 25% of all emails with malicious or dangerous attachments, a study from Mimecast says.
Google Cloud, Palo Alto Networks extend partnership
Google Cloud and Palo Alto Networks have extended their partnership to include more security features and customer support for all major public clouds.