Vol. 1: Social Engineering
Cyberattackers target people. They exploit people. Ultimately, they are people. That’s why the Human Factor report focuses on how technology and psychology combine to make people so susceptible to modern cyber threats. In this first volume, we take a closer look at attacks that rely on social engineering, including business email compromise (BEC) threats, email fraud and phishing.
Here are a few highlights:
- Pure social engineering is featured in 25% of all advanced persistent threat (APT) campaigns
- Advanced fee fraud increased by nearly 50%
- More than 90% of pure social engineering APT campaigns pretend to be interested in collaboration and engagement
- Extortion-based email fraud threats dropped by almost 70%
- APT threat actors rely on benign conversation techniques for their phishing campaigns
- Personalized security awareness training has the biggest impact
