Cybersecurity threats in the first quarter of 2017 were marked more by their diversity than by their volume. A wide range of ransomware circulated in the wild, web-based attacks incorporated social engineering techniques, email attacks featured a mix of malicious URLs and attachments and business email compromise (BEC) actors continued to hone their techniques.
Below, you can find key findings from this quarter. Click here to download the full report.
Email and Exploit Kits
- Campaigns that used malicious URLs accounted for 60%-70% of total malicious message volume.
- More than four times as many new ransomware variants appeared in Q1 2017 than in Q1 of last year.
- Display name spoofing was a top BEC technique, increasing 7% from Q4 of 2016 to 43% of total BEC attacks this quarter.
- Exploit kit activity remained relatively low at roughly 10% of the levels detected in Q1 of 2016.
Mobile and Social Media
- 16,000 publishers offered malicious mobile apps through both vendor-sanctioned and third-party app stores.
- SMS phishing bypassed traditional security measures and used stolen branding and multi-step phishing sites to increase effectiveness.
- Social media support phishing increased by 167% over Q2 2016.