How to Avoid Falling Prey to the Human Factor

July 06, 2017
Patrick Wheeler

Ransomware, business email compromise (BEC) and phishing attacks continue to make headlines worldwide. And for all of society’s technological advances, human beings (that is, your employees) remain the weakest link in the cybersecurity ecosystem. To help security teams combat the latest cybercrime techniques, each year we examine threats across thousands of our worldwide enterprise customers—including email, social media, and mobile communication platforms—to report how attackers are systematically targeting potential victims.

After months of research we recently released the report, The Human Factor 2017, and I also discussed our findings during a webinar. While today’s attacks exploit human frailties highlighted in past attacks, they are now built to scale and result in much more widespread damage. We saw this trend accelerate in 2016, with a massive influx of ransomware and BEC attacks targeting employees at every level across a variety of networks and devices.

While the bulk of the attack attempts still arrive via email, we saw massive jumps in other areas, notably mobile devices and social media. For example, phishing attempts from fraudulent social media accounts grew by more than 150 percent last year alone.

Our original research uncovered who is being targeted, how attackers are getting people to click, and what you can do about it. For example:

  • Someone will always click—and soon. Nearly 90% of clicks on malicious URLs occur within the first 24 hours of delivery, with 25% of those occurring in just ten minutes, and nearly 50% of clicks occur within one hour. 
  • BEC attack message volume rose from 1% in 2015 to 42% by the end of 2016 relative to emails bearing banking Trojans. BEC attacks, which have cost organizations more than $5 billion worldwide, use malware-free messages to trick recipients into sending confidential information or funds to cybercriminals. BEC is the fastest growing category of email-based attacks.
  • Malicious email attachment message volume spikes more than 38% on Thursdays over the average weekday volume. Ransomware attackers in particular favor sending malicious messages Tuesday through Thursday while Wednesday is the peak day for banking Trojans. Point-of-sale (POS) campaigns are sent almost exclusively on Thursday and Friday, while keyloggers and backdoors favor Mondays.
  • Attackers send most email messages in the 4-5 hours after the start of the business day, peaking around lunchtime. Our report also details clicking patterns across the U.S., Canada, Australia, France, German, and the UK.

To review these and more insights into threats trends across email, mobile, and social media channels, please download the report here: www.proofpoint.com/humanfactor. You can also listen to our recent “How Today’s Threats Prey on the Human Factor” webinar.