Phishing Grows as Compared to Social Media Lures - Proofpoint

Security firm Proofpoint says that cyber-criminals have adapted their phishing campaigns rapidly over the last year leaving social media lures in favor of a new focus on business users with templates of communication notification.

The security firm compared the findings of its 2014 report The Human Factor with its 2015 version and observed some clear differences.

94% decline in inviting lures using social media was the first and foremost difference.

Fake Linkedln invites used to be the main variety - with double of these than any other social media phishing lure.

These were substituted by so-called "communication notification" phishing emails out of which voicemail and fax notifications were probably the most common.

Interestingly, tactics moved considerably in September 2014 as organized cybercriminal phishing campaigns spreading mainly Dridex banking Trojan adopting malicious Microsoft Word document attachments as their main delivery tool. This trend continues to accelerate in 2015 too.

Proofpoint says that there were 56 different attacks which employed macros to deliver Dridex Trojan and sometimes deliver numerous million maligned emails in one day.

Networksasia.net published news on 29th June, 2015 quoting Kevin Epstein, Vice President, Advanced Security and Governance at Proofpoint, as saying that there were two grounds for this. Macro authors got better at dodging security systems and drive-by downloads got tougher to execute.

To successfully install malware through a browser download, the scamsters have to identify a virus in the browser and then pen code to take benefit of that virus.

Epstein said that it is not inexpensive and easy to find these flaws.

Moreover, once the first malware attacks, everyone learns about the vulnerability, it gets patched and people install the fixes or updates and the window of opportunity for the scamsters restricts radically.

However, that is not the case with macros.

Unfortunately, users continue to opening phishing emails and clicking on attached files in spite of being trained.

Hence, organizations can never underestimate the human factor...workers will almost always click. They must implement an advanced malware protection strategy including threat intelligence and targeted attack protection to curb opportunities for end user to interact with phishing messages before employees can click.

» SPAMfighter News - 7/7/2015