There has never been a time when more cybersecurity caution has been required when traversing the online world, with the volume of messages carrying malicious phishing payloads spiking by a massive 300 per cent.
Emails and messages are not the only dangerous delivery methods employed by hackers when phishing for unsuspecting users, social media accounts are also being used as vehicles to instigate attacks.
Since the third quarter of 2017, a 70 per cent increase in phishing links in social media accounts was recorded by security specialist, Proofpoint, also responsible for noting the massive rise in message based attacks.
These statistics were provided by Proofpoint as part of its Q4 Threat Report, in which it also revealed that the Trick banking Trojan accounted for 84 per cent of malicious banking spam.
Patrick Wheeler, Director, Threat Intelligence, Threat Systems Products, Proofpoint, said: “Malicious email attachments skyrocketed, social engineering techniques sharpened and fraudulent customer support accounts proliferated – all trends we saw in the fourth quarter of 2017 across email, social media and cloud app environments. The report also highlights that hackers are increasingly targeting social media channels with a view of exploiting the human factor – with the likes of phishing links growing 70% from the previous quarter.”
A set of recommendations have been made by Proofpoint for organisations in light of these findings, the report said: “Assume users will click. Social engineering is increasingly the most popular way to launch email attacks and criminals continue to find new ways to exploit the human factor. Leverage a solution that identifies and quarantines both inbound email threats targeting employees and outbound threats targeting customers before they reach the inbox.”
Malicious threat actors are capitalising upon expanding attack surfaces in the increasingly connected world, taking advantage of the place of devices and social media hold in society, for example.
“Protect your brand reputation and customers. Fight attacks targeting your customers over social media, email, and mobile—especially fraudulent accounts that piggyback on your brand. Look for a comprehensive social media security solution that scans all social networks and reports fraudulent activity,” Proofpoint said.
The threat landscape we currently face presents a level of danger that means impregnable cybersecurity cannot possibly be guaranteed. In light of this, it is essential to cover as much ground and be as proactive as possible.
“Partner with a threat intelligence vendor. Smaller, more targeted attacks call for sophisticated threat intelligence. Leverage a solution that combines static and dynamic techniques to detect new attack tools, tactics, and targets, as well as a constantly shifting landscape—and then learns from them.”