Researchers from Proofpoint have today issued their Quarterly Threat Summary from Q4 2016, which analyses threats trends across email, mobile and social media. The report is available here and also takes a look back across the whole of 2016 and discusses significant changes in the threat landscape.
The key findings include:
- Social media phishing attacks increased 500% from beginning of 2016 to end of 2016. This includes angler phishing where attackers intercept customer support channels on social media in an attempt to steal credentials. In Q4, angler phishing was the most common among financial services and entertainment accounts.
- Fraudulent accounts across social channels increased by 100% from the third to fourth quarter of 2016. These fraudulent accounts were used for phishing, social spam, malware distribution and more. To that end, Proofpoint researchers observed a 20% increase in spam content across Facebook and Twitter quarter over quarter.
- 4500 mobile apps associated with the Rio 2016 Summer Olympics and sponsor brands were risky or malicious. Threats in both the mobile and social spaces frequently track major events and popular phenomena; risky apps that potentially leak data are commonplace on both major mobile platforms.
- The number of new ransomware variants grew by 30 times over Q4 2015. The vast majority of volume related to Locky, but the number of variants continues to grow rapidly. Cerber, CryptXXX, and others were also prevalent, distributed both via email and exploit kit.
- CEO to CFO spoofing dropped 28% by December from a high of 39% in August while DMARC adoption grew by 33% over Q3 2016. Organizations are becoming more aggressive in the way that they address business email compromise (BEC), but BEC actors are adapting as well, employing more effective techniques. By the end of the last quarter, it was clear that BEC actors had realized that spoofing emails to the CFO from the CEO was less effective than spoofing emails from the CEO to other staff.
The full report can be found here