Cybercrims are ramping up their efforts to target employees through fraudulent email and social media scams, according to a new study by email security firm Proofpoint.
Retailers and government agencies saw huge quarter-on-quarter increases in email fraud attempts in calendar Q2, with attacks per company and agency soaring 91 per cent and 84 per cent respectively. Year-over-year increases were even higher.
Attacks against government agencies have increased fivefold over the last 12 months while assaults against the education sector have more than tripled year-on-year.
Workers in operations and production functions are the most exposed, representing 23 per cent of highly targeted malware and credential phishing attacks. The number of email fraud attacks per targeted company rose 85 per cent from this time last year.
Ordinary workers and lower-level management accounted for about 60 per cent of highly targeted malware and credential phishing attacks. But executives and upper-level managers, who form a smaller proportion of the total workforce, received a disproportionately large share of attacks.
The volume of malicious email jumped 36 per cent vs the previous quarter, buoyed by a wide range of email payloads and attackers. Ransomware rebounded, accounting for nearly 11 per cent of total malicious email volume. File-encrypting threats had fallen sharply in previous quarters after dominating much of 2017.
Proofpoint's Protecting People study further reported that phishing links sent through social media shot up 30 per cent. A spike during the April-June 2018 period under study reversed months of decline as attackers found ways around automated remediation tools put in place by platforms like Twitter, Facebook and Instagram.
The stats are based on an analysis of more than 600 million emails, 7 million mobile apps, and hundreds of thousands of social media accounts.
Proofpoint's study – published today – focused on attacks targeting people, not technology. Phishing and similar techniques are often how crooks and more advanced attacks first gain a foothold when targeting organisations, by either stealing credentials or tricking a mark into opening a malware-tainted link. ®