High-volume attack campaigns returned in the second quarter, stark contrast from the smaller, more targeted attacks we saw in the first quarter. Attackers spread a variety of ransomware and banking Trojans in high volumes. At the same time, email fraud continued to evolve. Exploit kits (EKs) and web-based attacks grew more sophisticated. And more attacks used social engineering, especially those carried out through email, EKs, and social media. Like most of today’s cyber attacks, they preyed on human nature, not just technical exploits.
Click here to download the full report.
- Ransomware accounted for 68% of all malicious messages containing malware.
- Malicious message volume soared 250% vs. the previous quarter.
- Dridex is back.
- “One-to-one” email fraud attacks surged almost 30% from Q1.
Exploit kits and web-based attacks
- Exploit kit traffic held steady at levels set last year, led by the RIG EK.
- EKs spread disruptive ransomware through malicious web ads.
- Fake social-media support accounts quadrupled vs. Q1
- Attackers are using social engineering to trick users into giving access to their accounts and personal details.