Phishing threats still dwarf vulnerabilities, zero-days

Proofpoint research shows that while phishing attacks now require victims to take more steps, the success rate for such attacks hasn't declined and enterprises are still on the defensive. Phishing threats continue to evolve and stay one step ahead of enterprise defenses, according to new research from Proofpoint. Proofpoint's report, titled "The Human Factor 2018," revealed several trends and techniques for social engineering attacks, including phishing threats, observed in 2017 based on data from more than 1 billion email messages a day. The email security vendor's report revealed shifts in targeted attacks and techniques used by a variety of threat actors last year. Overall, the report also claimed that social engineering attacks still dominate the threat landscape. "As many as 95% of observed web-based attacks like these, including those involving exploit kits, incorporated social engineering to trick users into installing malware rather than relying on exploits with short shelf lives," Proofpoint researchers wrote. "Two years ago, social engineering in web-based attacks was much less widely deployed." Ryan Kalember, Proofpoint's senior vice president of cybersecurity strategy, said just 1% of the targeted attacks the vendor saw in 2017 used a vulnerability to gain a foothold in the organization. "Attackers just go on Google or LinkedIn for the person who has access to the things they want then they email them something targeted toward those specific people," Kalember said. "They're all relying on the human target to do the work for them."