Cyber criminals increasingly move from technological vulnerabilities to targeting people

Cyber security company Proofpoint has released evidence that cyber criminals are increasingly turning their attention away from technological vulnerabilities and towards the people that use that technology. Proofpoint’s report, The Human Factor, adds to this claim, highlighting that criminals are also timing their attacks for both specific times and days when they believe people are most likely to fall victim.

Rise in phishing

Proofpoint reports that criminals began focusing their attacks on people in 2015, and have since ramped up these tactics. Proofpoint credits this rise to attack methods such as business email compromise schemes and ransomware. Both of these are typically conducted through phishing attacks, with victims being tricked into clicking on malicious links or attachments. Proofpoint claimed that, by the end of last year, more than 99% of attachment-based email attacks were enabled by the user clicking something, rather than by an automated exploit.

This trend extends to URL-based threats. According to the report, “more than 90% of messages led users to credential phishing pages, which trick victims into entering their usernames and passwords, rather than to exploits”.

The study reveals that 25.5% of malicious attachments and links are clicked on within 10 minutes of the emails being sent. Almost half (48.6%) are clicked on within 1 hour.

These findings are similar to those of the Financial Fraud Action UK year-end review, which was released in April. That report, which focused on the banking sector, also claimed that cyber criminals were targeting people directly through phishing attacks.

When are you most likely to fall victim?

According to Proofpoint, you are most likely targeted by an attack on a Thursday between 12 pm and 1 pm. Emails containing malicious attachments are 38% more common on Thursdays than on the average weekday. The second most likely day on which to be targeted is Wednesday, while the figures for Mondays, Tuesdays and Fridays are about equal.

As for the time of day, activity increases quickly from 8 am and then peaks at around lunchtime. Proofpoint notes that this trend is consistent across the globe, although attacks in the US, Canada and Australia follow the pattern most closely. In the UK, the figures are spread more evenly across the morning and drop off after 2 pm.

“The data suggests attackers are very aware of human behavioural weaknesses,” Kevin Epstein, Proofpoint’s vice president of threat operations, told SC Media. “For example, many office workers are attempting to catch up on email or mobile devices at lunchtime; it’s more likely that they’ll click without pausing to consider warning signs, context, and ramifications when they’re distracted or under time pressure.”

Minimise the risk of phishing attacks

Our information page details the staff training services that we offer to help prevent phishing across your organisation. You can choose either a Simulated Phishing Attack, which can quickly determine if there is an internal awareness problem, or our more in-depth Phishing Staff Awareness Course. With testing and training, IT Governance can help keep your staff on top of existing and newly found phishing threats.

Take a look at our phishing information page >>