Cybercriminals are continuing to bypass the use of malware in favor of response-based and credential-centric social engineering attacks, according to new data from Agari and PhishLabs.
Malware-based attacks certainly are not dead, as threat actors need to gain control over endpoints, and ransomware continues to thrive. But new data from PhishLabs’ Quarterly Threat Trends & Intelligence Report shows that cybercriminals are favoring attacks that are less likely to be detected by security solutions – the greatest of which is vishing.
According to the report, hybrid vishing now ranks ahead of business email compromise (BEC) as the second most reported response-based threat, with one in four reported response-based attacks being a vishing attack.
Response-based threats – those attacks that rely on social engineering and require the interaction of a corporate user – represented 37.5% of email-based threats as well, with credential theft used in nearly 59% of attacks and malware delivery occurring in less than 4% of attacks.
This breakdown demonstrates the power and effectiveness of the use of social engineering tactics and the longer-term play by threat actors to gradually gain the access needed to compromise networks and breach data.
It also makes the case for Security Awareness Training to counteract such tactics – whether the medium is email, web, voice, or text. If users are not fully prepared for social engineering attacks, the trends outlined by the PhishLabs report indicate that cybercriminals will continue to win the battle, seeing more successful attacks via social engineering.