Proofpoint released a new report this week which looks to provide some insight to many of the general threats online users faced during Q4, 2017. The ‘Threat Report’ found that in the last quarter of last year attacks via email increased significantly. In particular, the report draws on the return of the use of email attachments to lure potential victims in. This is notably as the report explains that in the previous quarter URL links had become the preference for email attacks. However, the “rapid swing back” resulted in an increase in attachment-related attacks to the tune of 300-percent.
According to the report, overall, ransomware remained the go-to option for attackers. Interestingly, however, while Bitcoin is often understood as the currency of choice for attackers, the last quarter saw a massive drop (73-percent) in the recorded number of requests for payments (ransoms) in Bitcoin. That is, payments valued in Bitcoin as Bitcoin itself still remained the dominant method of payment, just not the currency of payment. Something which Proofpoint explain away as an effect of the high fluctuations in the value of Bitcoin of late. Another notably development in the latest findings is the growing use of social media as a means to attract and attack users. This is particular to what the industry refers to as “angler phishing” where fake company accounts are set up and used to essentially redirect brand customers to a fake website or URL. According to Proofpoint, attacks using this method rose by 30-percent during Q4. Although what might be more concerning is the use of phishing links through social media in general, as these were noted growing by 70-percent during the same time-frame.
While it may be easy to suggest that email and social media users should just be more cautious when dealing with links and attachments, that is not the message Proofpoint is sending out to those looking to mitigate against these types of attacks. Instead, Proofpoint is advising companies and brands that it is better to “assume users will click” and therefore companies should look to secure email interfaces and/or social media profiles before attackers can utilize them to engage with potential customers and users.