Proofpoint has released its Quarterly Threat Summary looking back at 2016, and it’s a case of more sophisticated evolution, more email malware, more social engineering, more BEC scams and more of a market for cyber exploit kits.
Business Email Compromise (BEC) scams were also on the rise, but CEO-CFO spoofing dropped 28%, down from its 39% high in Q3.
Social media phishing attacks have jumped by 500% in 2016 alone. Angler phishing was a popular method, which intercepts customer support channels on social media.
Fraudulent accounts on social channels also jumped by 100% between Q3 and Q4 alone, which Proofpoint says may be indicative of use in phishing, social spam and malware distribution and other attacks.
Mobile devices were not shielded from malware, as hundreds of thousands were exposed to malvertising, ad redirection and potential attack vectors through DNSChanger EK, which used SOHO router exploits that exposed all connected devices via DNS redirection.
More than 4500 mobile apps that tied themselves to the Summer Olympics and associated sponsor brands were also malicious. Proofpoint says that popular events and culture are common targets for risky apps.
Proofpoint’s top tips for organisations: