Proofpoint releases fourth quarter summary report

Key takeaways:

Q4’s largest malicious email campaign was 6.7 times larger than Q3’s biggest. Both campaigns used zipped JavaScript attachments to distribute Locky, reflecting the rapid increase in Locky campaign volumes, especially in campaigns using compressed files and attached scripts instead of macro-laden documents.

Hundreds of thousands of mobile devices were potentially exposed to malvertising, ad redirection, and other potential attack vectors via DNSChanger EK. The attack did not rely on device vulnerabilities but rather on SOHO router exploits that then exposed all connected devices via DNS redirection.

4500 mobile apps associated with the Summer Olympics and sponsor brands were risky or malicious. Threats in both the mobile and social spaces frequently track major events and popular phenomena; risky apps that potentially leak data are commonplace on both major mobile platforms.

Fraudulent accounts across social channels increased by 100% from the third to fourth quarter of 2016. These accounts may be used for phishing, social spam, malware distribution, and more.

Social media phishing attacks increased 500% from the beginning of 2016 to the end of 2016. This includes angler phishing that intercepts customer support channels on social media.

Top recommendations:

Assume users will click. Social engineering is increasingly the most popular way to launch email attacks and criminals evolve their techniques fast. Leverage a solution that identifies and quarantines both inbound email threats targeting employees and outbound threats targeting customers before they reach the inbox.

Protect your brand reputation and customers. Fight attacks targeting your customers over social media, email, and mobile—especially fraudulent accounts that piggyback on your brand. Look for a robust social media security solution that scans all social networks and reports fraudulent activity.

Lock down mobile app environments. Mobile environments increase the risk of unauthorized apps that can steal critical corporate information. Invest in a data-driven solution that works with your mobile device management (MDM) to reveal the behavior of apps in your environment, including what data they are accessing.

Partner with a threat intelligence vendor. Smaller, more targeted attacks call for sophisticated threat intelligence. Leverage a solution that combines static and dynamic techniques to detect new attack tools, tactics, and targets—and then learns from them.
