Cyber attackers move from technical exploits to human exploitation
- Published: Friday, 26 February 2016 08:26
Proofpoint, Inc., has released its annual Human Factor cybercrime report. In 2015, attackers significantly shifted their strategy to fool humans into becoming unwitting accomplices in the quest to steal information and money.
Based on customer data, the Proofpoint Human Factor 2016 report details trends across email, social media platforms and mobile applications to reveal attacker trends and recommend how organizations can secure their systems to combat the human factor.
“Attackers moved from technical exploits to human exploitation in 2015,” said Kevin Epstein, vice president of Threat Operations for Proofpoint. “People’s natural curiosity and gullibility is now targeted at an unprecedented scale. Attackers largely did not rely on sophisticated, expensive technical exploits. They ran simple, high-volume campaigns that hinged on social engineering. People were used as unwitting pawns to infect themselves with malware, hand over key credentials, and fraudulently wire money on the attackers’ behalf.”
Key findings from The Human Factor 2016 report include:
- Attackers infected computers by tricking people into doing it themselves rather than using automated exploit technology. More than 99 percent of all documents used in attachment-based malicious email campaigns relied on human interaction. However, ransomware was very popular in 2015 exploit kit campaigns and has continued its reign in 2016.
- Banking Trojans were the most popular type of malicious document payload in email campaigns. Dridex message volume was almost 10 times greater than the next most-used payload. The documents themselves used malicious macros extensively and relied on social engineering to trick the user into running malicious code.
- Hackers served phishing emails for breakfast and social media spam for lunch. Cybercriminals timed attacks to ensure optimum distraction. For example, Tuesday mornings between 9-10 a.m. were the most popular for phishing campaigns and social media spam hit a high in the afternoon.
- Social media phishing scams are 10 times more common than social media malware. Fraudulent social media accounts, pretending to represent known brands, spiked last year. Forty percent of Facebook accounts and 20 percent of Twitter accounts claiming to represent a global 100 brand were unauthorized.
- Dangerous mobile apps from rogue marketplaces affect forty percent of enterprises. Users who download apps from rogue marketplaces – and bypass multiple security warnings in the process – are four times more likely to download a malicious app. These apps steal personal information, passwords and data.
- People willingly downloaded more than two billion mobile apps that steal personal data. Proofpoint discovered more than 12,000 malicious mobile apps in authorized Android app stores. Many were capable of stealing information, creating backdoors and other nefarious functions.