Phishing threats still dwarf vulnerabilities and zero-days
Rob Wright at SearchSecurity wrote: "Proofpoint research shows that while phishing attacks now require victims to take more steps, the success rate for such attacks hasn't declined and enterprises are still on the defensive." Here is an extract with a link to the full article below:

"Phishing threats continue to evolve and stay one step ahead of enterprise defenses, according to new research from Proofpoint.

"Proofpoint's report, titled "The Human Factor 2018," revealed several trends and techniques for social engineering attacks, including phishing threats, observed in 2017 based on data from more than 1 billion email messages a day. The email security vendor's report revealed shifts in targeted attacks and techniques used by a variety of threat actors last year.

Social Engineering Attacks Still Dominate The Threat Landscape

Overall, the report also claimed that social engineering attacks still dominate the threat landscape. "As many as 95% of observed web-based attacks like these, including those involving exploit kits, incorporated social engineering to trick users into installing malware rather than relying on exploits with short shelf lives," Proofpoint researchers wrote. "Two years ago, social engineering in web-based attacks was much less widely deployed."

Ryan Kalember, Proofpoint's senior vice president of cybersecurity strategy, said just 1% of the targeted attacks the vendor saw in 2017 used a vulnerability to gain a foothold in the organization. "Attackers just go on Google or LinkedIn for the person who has access to the things they want then they email them something targeted toward those specific people," Kalember said. "They're all relying on the human target to do the work for them."

The phishing research also showed evolving techniques and approaches to the time-honored attack. For example, Proofpoint said the biggest change from 2016 was an increase in fraudulent Dropbox emails; those emails were the "top lure" for phishing threats over the last year, representing more than twice as many attacks as the next most popular lure.

The report didn't say why Dropbox phishing emails increased so much but did say that "isolated instances of extremely large campaign activity" drove the increase.

However, the report noted that DocuSign-related phishing emails had the highest click-through rates. The digital signature service suffered a breach last May, followed by a surge in phishing emails targeting DocuSign users.

Ratio Of Suspicious Domain Names To Real Ones: 20 to 1

The data regarding cloud-related threats was also troubling; Proofpoint said nearly 25% of all suspicious logins for cloud services were successful in 2017. In addition, the report stated suspicious domain names for large enterprises outnumbered legitimate corporate-owned domains by approximately 20 to 1."

Original article:
