The Latest Cyber Security Threats

Learn about the latest security threats and how to protect your people, data, and brand.

Overview

Today’s attackers are taking advantage of changing business dynamics to target people everywhere they work. Staying current on the latest cyber security attack vectors and threats is an essential part of securing the enterprise against breaches and compromised data.

Someone Making Purchase on Laptop with a Credit Card - Ransomware

Ransomware

Ransomware is a type of malicious software that blocks access to a computer system or data, usually by encrypting it, until the victim pays a fee to the attacker. In many cases, the ransom demand comes with a deadline—if the victim doesn’t pay in time, the data is gone forever.

Man Uses Laptop - BEC

Business Email Compromise (BEC)

Impostor emails trick people into sending money—sometimes hundreds of thousands of dollars in a single wire transfer—or sensitive corporate or personal data. These security threats appear to come from the CEO or other high-level executives and urge the recipient to keep the details confidential.   

Man Uses Cell Phone - Information Seeking Scams

Information Seeking Scams

Scammers want information, and they try to extract it by tricking recipients of emails. The information they collect could be an organization chart - or as significant as usernames and passwords to corporate resources. 

Someone Uses Laptop to Check Email - Spam

Spam

Spam, also known as Unsolicited Commercial Email (UCE), is often questionable, mass-emailed advertisements. At its peak, spam accounted for 92% of all email traffic, and most of the spam was non-malicious.

Two Male Colleagues Discuss Malicious Email Attachments

Malicious Email Attachments

Cyber attackers attach files to emails that indirectly launch an executable program that can destroy data, steal and upload information to outsiders, or can silently use the infiltrated computer for other tasks – all without the user’s knowledge.

Man Checks Email on Tablet - Phishing Protection

Phishing

Phishing is a socially engineered cyber security attack that uses embedded URL links to extract information from the user or take control of their computer. Clicking on a link opens a browser, and the user is taken to a site that’s been setup as a trap by the attackers.

Colleague Discuss an Email Attack - Longlining Attack

Longlining

Mass customized phishing messages that are typically engineered to look like they are only arriving in small quantities, mimicking targeted attacks. Cyber attackers leverage approaches used by mass marketing campaigners to generate millions of dissimilar messages.

Image of a URL Protocol - Watering Hole Attack

Watering Hole

A targeted cyber security attack designed to compromise users within a specific industry or function by infecting websites they typically visit and luring them to a malicious site. Watering Hole attacks, or strategic website compromise attacks, are limited in scope as they rely on an element of luck. 

Spear Phishing Attack

Spear Phishing

Socially-engineered and sophisticated cyber security threats sent to an organization’s users that are typically designed to steal information. Spear phishing is a phishing attack where attackers typically personalize messages to the user based on publicly available information about them.

Man Using iPad - Advanced Persistent Threat

Advanced Persistent Threat

Mostly nation-state-sponsored attacks aimed at compromising an organization to carry out espionage or sabotage goals, but which aim to remain undetected for a longer period of time. The term Advanced Persistent Threat (APT) is often misused.

Image of Employees Wearing Suits - Endpoint Security Threats

Endpoint-Delivered Threats

Cyber attackers can use strategies such as leaving an infected USB drive around the organization’s parking lot in anticipation that an employee will pick it up and plug it into a network-connected system.

Image of Computer Hardware - Network Delivered Threats

Network-Delivered Threats

To execute a successful network attack, attackers must typically actively hack a company’s infrastructure to exploit software vulnerabilities that allow them to remotely execute commands on internal operating systems. 

Woman Using Laptop - Graymail Attacks

Graymail

Graymail is bulk email that does not fit the definition of spam because it is solicited and has varying value to different recipients. 

Protection des informations personnelles avec Proofpoint Data Loss Prevention

Email Archiving

Email archiving is a system for preserving email communications in a format that can be digitally stored, indexed, searched and retrieved.

Woman checking email on a smartphone - Secure Email Gateway

Email Gateway

A Secure Email Gateway (SEG) is a device or software that is used to monitor emails that are being sent and received. A SEG is designed to prevent unwanted email security threats and deliver good emails.

Email Security Best Practice

Email Security

Email security describes various techniques for keeping sensitive information in email communication and accounts secure against unauthorized access, loss, or compromise.

Email Filtering

Email Filtering is the process of filtering the inbound and outbound email traffic of an organization. For some industries, an on-premises email filtering deployment is required to comply with certain regulations.

encryption

Encryption

In cryptography, encryption is the process of encoding a message or information in such a way that only authorized parties can access it and those who are not authorized cannot.

data loss prevention

Data Loss Prevention (DLP)

Data loss prevention (DLP) is a strategy for making sure that end users do not send sensitive or critical information outside the corporate network. The term is also used to describe software products that help a network administrator control what data end users can transfer.

Male Hands Pressing on Tablet

DMARC

DMARC is an open email authentication protocol that enables domain-level protection of the email channel. DMARC authentication is designed to detect and prevent email spoofing techniques often used in phishing, business email compromise (BEC), and other email-based attacks.