Human Factor Hero Banner

Human Factor Report

Human Factor 2016

Today’s advanced attacks focus more on exploiting human flaws than system flaws. To explore this under-reported aspect of enterprise threats, we created The Human Factor.

This paper presents original field research using data gathered by Proofpoint products deployed in customer settings around the world. It covers the latest trends in in email attachments, social media posts, and URLs. The Human Factor reveals not just who is clicking what, but how threat actors are exploiting the human factor. Because as the data makes clear, the weakest link in security is all of us.

Read Threat Insight Blog: The Human Factor 2016—People are the Key

Full Report

The Human Factor Report

Highlights of this year’s report:

  • Extending a shift that began in 2014, URL-based campaigns gave way to massive, constantly evolving campaigns that deliver malware payloads through malicious documents. 
  • Social engineering has become the No. 1 infection vector. 
  • Campaigns are more tailored to target regions.
  • Social media and mobile apps are no longer corner cases for information security policy. Instead, they have become a key route to victims. 

 

Download the full report

See It for yourself

Last year social engineering was the #1 attack technique. People replaced exploits as attackers’ favorite way to beat cybersecurity.

Who is clicking and how threat actors are exploiting the human factor

Nine Defensive Recommendations

Attackers know that people make the best exploits. Oganizations need to defend themselves against a wide range of threats.

See key findings and defensive recommendations from the Human Factor Report and learn why the weakest link in security is all of us.

 

Read More

See It for yourself 2

40% of large enterprises sampled had malicious apps from DarkSideLoader marketplaces

By the numbers

Targeting people when and where they click

While the high-volume campaigns of 2015 were highly targeted by geography on the whole, they were much less selective within each region: email campaigns tended to blanket every person and department within a targeted organization.

This infographic provides a detailed look at each campaign's start and how it moved across the global landscape.

 

Read More

Dark Reading

Human Factor Webinar

Join Proofpoint Director of Threat Intelligence Patrick Wheeler for a webinar presentation of the original field research from data gathered by Proofpoint products deployed in customer settings around the world.  Patrick will cover threats in email attachments, social media posts, and URLs.

In this webinar you will see not just who is clicking what—but when, where, and why they are clicking:

  • Who is being targeted, and who is falling victim
  • What attackers are sending, and which lures are working
  • When threats arrive, and when people are most likely to click


Watch Now