Security Market Segment LS
Wednesday, 08 February 2017 16:31

Proofpoint 2016 malware report – bigger, faster and more to come

By

In Q4, 2016 the largest email phishing campaign was 6.7 times the largest in Q3 and fraudulent social media accounts increased by 100%. These are just two findings from Proofpoint’s 2016 year in review.

The report covers intelligence gathered from billions of emails, social media posts, and malware samples. Its conclusion, if a little understated, is, “We continue to see sophisticated threats across three primary vectors: email, social media, and mobile.”

The key takeaways can best be described as bigger, faster and more. They include:

  • Q4’s largest malicious email campaign was 6.7 times larger than Q3’s biggest. Both campaigns used zipped JavaScript attachments distributing Locky, representing the rapid increases in Locky campaign volumes, especially those using compressed files and attached scripts instead of macro-laden documents.
  • Hundreds of thousands of mobile devices were potentially exposed to malvertising, ad redirection, and potential attack vectors via DNSChanger EK. This didn’t rely on device vulnerabilities but rather SOHO router exploits that then exposed all connected devices via DNS redirection.
  • About 4500 mobile apps associated with the summer Olympics and sponsor brands were risky or malicious. Threats in both the mobile and social spaces frequently track major events and popular phenomena; risky apps that potentially leak data are commonplace on both major mobile platforms.
  • Fraudulent accounts across social channels increased by 100% from the third to fourth quarter of 2016. These accounts may be used for phishing, social spam, malware distribution, and more.
  • Social media phishing attacks increased 500% from the beginning of 2016 to end of 2016. This includes angler phishing that intercepts customer support channels on social media.

Cyber criminals follow the money – attacks that yield the most return for the least effort, Proofpoint claims.

Still, phishing has cut through due to the human element and by increasing numbers, it increases return. Locky ransomware was the main payload (70%) delivered increasingly by malicious JavaScript attachments.

So too did business email compromise (BEC) attacks evolve as attackers found new ways to impersonate executives and trick victims into sending money or sensitive data. Proofpoint recorded a 62% reply to a spoofing email rate and a 37.1% to a display name that did not match the real email name.

But the market for exploit kits — easy-to-use tools for exploiting Windows desktop and server system vulnerabilities — fell below Q1 levels.

Exploit kits targeting mobile devices and Internet-of-things (IoT) devices such as home Internet routers emerged, reflecting the growing availability of exploitable vulnerabilities.

Mobile had a “rapid evolution” in Q4, mainly in serving malvertising and gaining information. There is some evidence that an infected device can also infect a vulnerable home router resulting in desktop browser redirection, malvertising, and popups. The main danger is from fake apps and side-loading unauthorised apps.

Social media also saw rapid spikes in malicious activity around major events and popular trends. Negative, damaging, and malicious content increased dramatically on social channels. This activity included “angler phishing,” a term used to describe attacks that involve fake customer-support accounts that trick people seeking help into handing over their login credentials and other information. These threats all demonstrate strong ROI for attackers.

Read 5335 times

Please join our community here and become a VIP.

Subscribe to ITWIRE UPDATE Newsletter here
JOIN our iTWireTV our YouTube Community here
BACK TO LATEST NEWS here




ELASTICON SYDNEY 2024 LATEST ADVANCEMENTS IN GENERATIVE AI

On 20 February, keynote addresses from NAB, Canva, AWS, and Google Cloud, among others, will feature at ElasticON Sydney 2024.

This event will explore the latest advancements in generative AI

The one-day conference, hosted by leading search analytics company Elastic, will include networking drinks, hands-on labs, technical sessions and a stellar line-up of keynote speakers from finance, technology, and government e=sectors.

ElasticON Sydney 2024 promises to be an enriching experience with a comprehensive exploration of the latest developments in security, observability, generative AI and their real world applications

Don't miss out on this opportunity to network and find answers for what's next from your industry peers and leaders


Register for ElasticON Sydney 2024

REGISTER HERE!

PROMOTE YOUR WEBINAR ON ITWIRE

It's all about Webinars.

Marketing budgets are now focused on Webinars combined with Lead Generation.

If you wish to promote a Webinar we recommend at least a 3 to 4 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site itwire.com and prominent Newsletter promotion https://itwire.com/itwire-update.html and Promotional News & Editorial. Plus a video interview of the key speaker on iTWire TV https://www.youtube.com/c/iTWireTV/videos which will be used in Promotional Posts on the iTWire Home Page.

Now we are coming out of Lockdown iTWire will be focussed to assisting with your webinars and campaigns and assistance via part payments and extended terms, a Webinar Business Booster Pack and other supportive programs. We can also create your adverts and written content plus coordinate your video interview.

We look forward to discussing your campaign goals with you. Please click the button below.

MORE INFO HERE!

BACK TO HOME PAGE
Ray Shaw

joomla stats

Ray Shaw ray@im.com.au  has a passion for IT ever since building his first computer in 1980. He is a qualified journalist, hosted a consumer IT based radio program on ABC radio for 10 years, has developed world leading software for the events industry and is smart enough to no longer own a retail computer store!

Share News tips for the iTWire Journalists? Your tip will be anonymous

Subscribe to Newsletter

*  Enter the security code shown:

WEBINARS & EVENTS

CYBERSECURITY

PEOPLE MOVES

GUEST ARTICLES

Guest Opinion

ITWIRETV & INTERVIEWS

RESEARCH & CASE STUDIES

Channel News

Comments