Social Engineering Confirmed as Top Security Threat
Researchers at Proofpoint have found social engineering has become the top attack technique.
The study confirms the conclusion of similar research by security firm Balabit which found that social engineering tops the list of the most 10 most popular hacking methods.
According to the latest annual Human Factor report from Proofpoint, attackers shifted away from automated exploits in 2015 and turned to email, social media and mobile apps to steal credentials and transfer funds.
The researchers found that machine exploits have been greatly replaced by human exploitation with many attackers opting for attachment-based social engineering campaigns rather than purchasing expensive technical exploit kits.
The report states that defences must adapt to detect and stop attacks that do not depend on automated exploits to carry out infections. The report also recommends building capacity to detect obscured code embedded in a document and URLs that link to phishing sites.
The report said: "Dynamic analysis and predictive analytics are essential to identifying phishing pages. Organisations must combine these capabilities with real-time detection of clicks that showed an employee followed a link and potentially put both their and the company's data at risk."
The report also found that two out of five enterprises are affected by dangerous mobile apps from rogue marketplaces and urged organisations to take action to defend themselves against this wide range of threats.
Return to internet news headlines
View Internet News Archive