Talk to sales

Ask a member of our sales team about our products or services:

Q4 Threat Summary and Year in Review

Our latest threat report reviews 2016's top security trends, techniques and recommendations

EXECUTIVE SUMMARY

The threat landscape evolved significantly in 2016. Criminals leveraged human vulnerabilities to launch more malicious email campaigns than ever before along with increasingly targeted attacks across mobile and social media platforms.

For a comprehensive analysis, please download the full report. A summary of our findings is below.

Key Takeaways: Bigger, Faster More

Email and Exploit Kits

  • Malicious email campaigns skyrocketed—Q4's largest campaign was 6.7 times the size of Q3's—and malicious JavaScript attachments regularly outnumbered malicious document attachment volumes by a factor of four to six.
  • Overall exploit kit activity fell 93% from its Q1 high while the number of ransomware variants multiplied 30 times over last year.
  • CEO-to-CFO spoofing dropped 28% between August and December as DMARC (Domain-based Message Authentication Reporting and Conformance) adoption grew 33%.
  • Credential phishing remains a large-scale threat, usually propagated through malicious links via email.

Mobile

  • Hundreds of thousands of mobile devices were potentially exposed to attacks that redirected users to malicious websites through the DNSChanger exploit kit that attacked SOHO routers rather than mobile or desktop devices directly
  • Several significant mobile risks emerged beyond the growth of malware, including:
    • Risks from malicious clones of popular apps like Pokémon GO
    • Increased use of side-loading to distribute unauthorized apps
    • The availability of targeted attack tools for mobile devices like Pegasus

 

  • 4,500 mobile apps related to the Summer Olympics and sponsor brands were risky (e.g. potentially leaked data) or outright malicious.

Social Media

  • Fraudulent social media accounts doubled from the third to the fourth quarter of 2016.
  • Social media phishing attacks increased 500% year-over-year—this figure includes angler phishing that intercepts customer support channels on social media.

Want to find out how you can prepare for these evolving cyber threats in 2017?