While attacking the human element is by no means a new tactic, according to the recently released Proofpoint Human Factor 2016 report, social engineering has become the most used attack technique as attackers trick people into infecting their computers themselves and are less reliant on automated exploits.
Proofpoint found 99.7 percent of attachment documents and 98 percent of URLs in malicious email campaigns required human interaction to infect the target.
The report also found a trend among attackers who served phishing emails in the morning and social media spam at noon, timing their attacks to ensure optimal distraction. Tuesday mornings between 9-10 a.m. was the most popular time for phishing campaigns, while most social media spam hit in the afternoon, the report said.
As was the case in 2014, Tuesday remained the preferred day of the week for delivering malicious messages, though the difference compared to other days of the week was less pronounced.
The report showed attackers were most active from Monday to Wednesday and click counts by day of the week followed a similar trend, with days toward the end of the work week showing decrease in clicks.
Malicious Microsoft Office macros, which first appeared in late 90s, started fading out when Office 2007 turned macros off by default. However, bad guys began using them again in late 2014 and early 2015, and increased the volume of spam emails containing attached documents with malicious macros by the end of last year, aggressively targeting organizations in the UK and Europe.
Proofpoint researchers also found social media phishing scams became 10 times more common compared to social media malware. They also found 40 percent of accounts on Facebook and 20 percent of accounts on Twitter claiming to represent a global 100 brand were unauthorized.
The report also found ransomware was highly popular in exploit kit campaigns in 2015, and that it continues to be the case in 2016. Banking Trojans were the most popular threats used in malicious email campaigns, with Dridex message volume almost 10 times greater than the next most-used threat, Proofpoint researchers said.
According to the report, people willingly downloaded more than two billion mobile applications designed to steal data, and the security company has found over 12,000 malicious mobile apps in authorized Android app stores. Many of these ended up built to steal user information, create backdoors on the compromised devices, and perform other activities.
Proofpoint researchers also said dangerous mobile applications from rogue marketplaces affect 2 in 5 enterprises. Additionally, 40 percent of large enterprises sampled by the security firm had malicious apps from rogue app stores on mobile devices, with these programs capable of stealing personal information, passwords or data.