Hackers overwhelmingly sought to socially engineer and exploit computer users last year rather than create automated exploits for use in email-based attacks, according to Proofpoint.
The cybersecurity company claimed in its new The Human Factor 2016 report that 99.7% of documents used in attachment-based campaigns relied on social engineering and macros.
What’s more, 98% of URLs in malicious messages link to executables, or executables inside an archive – which have to be opened by the user.
Similarly, phishing became 10-times more common on social media than malware, with 40% of Facebook accounts and 20% of Twitter accounts claiming to represent a Fortune 100 brand actually being unauthorized.
To mitigate this human-centric shift in attack tactics, organizations need to blend technical and non-technical elements, according to Kevin Epstein, VP of threat operations at Proofpoint.
"Focused, customized training is crucial. Proofpoint's earlier Human Factor research showed increasing susceptibility as people got 'bored'; having experienced users repeat the same course over and over can be counterproductive,” he told Infosecurity by email.
“Modern defense systems can identify particularly problematic users – ‘Mr. or Ms. Clicky’ – and additional defensive measures ranging from delaying inbound email to deliberately exposing those users to a wide range of testing phish and malicious attachments."
The report also highlighted the growing problem of mobile threats.
Proofpoint discovered a total of over 12,000 malicious mobile apps responsible for more than two billion downloads globally – mainly, but not exclusively, found on rogue Android app stores.
There was also bad news for iOS users. Proofpoint claimed that 40% of large enterprises it studied had malicious apps running from rogue app stores, or ‘DarkSideLoader marketplaces.’
Typically, users are tricked into visiting these online stores and downloading free versions of popular games or banned apps, which often end up containing malware designed to steal information, load backdoors and more. The app stores apparently work even for non-jailbroken devices.