Over 99% of cyber-threats require human interaction to work, highlighting the importance of user awareness programs and layered defenses, according to Proofpoint.
The security vendor’s 2019 Human Factor report is based on an 18-month analysis of data the firm collected across its global customer base.
It adds some concrete findings to the general trend observed by many in the industry over the past few years that attackers are increasingly targeting the “weak link” in the cybersecurity chain: corporate employees.
Specific staff members, dubbed “Very Attacked People” (VAPs), are targeted most often — perhaps because they have access to corporate funds or sensitive data, or even because they are easily discoverable by outsiders.
Some 36% of VAPs identified in the report could be found online via corporate websites, social media, publications, and other methods.
To stand the best chance of success, attackers targeting humans typically mimic legitimate email patterns: fewer than 5% are sent at weekends and the biggest number (30%+) come on Mondays.
Education, finance, and advertising/marketing were the most targeted industries, with education having one of the highest average number of VAPs across any vertical, Proofpoint claimed.
In 2018, the sector accounted for the largest number of imposter attacks, along with the engineering and automotive verticals.
Microsoft products and services accounted for nearly one in four phishing attacks in 2018, with messages focused on harvesting user credentials for lateral movement, future attacks and internal phishing.
“Cyber-criminals are aggressively targeting people because sending fraudulent emails, stealing credentials, and uploading malicious attachments to cloud applications is easier and far more profitable than creating an expensive, time-consuming exploit that has a high probability of failure,” said Kevin Epstein, vice president of threat operations for Proofpoint.
“To significantly reduce risk, organizations need a holistic people-centric cybersecurity approach that includes effective security awareness training and layered defenses that provide visibility into their most attacked users.”
Written by Phil Muncaster – UK / EMEA News Reporter, Infosecurity Magazine
Microtechs 24x7x365 White label support services
Based in Surrey, Microtechs are an established and experienced end user support centre. Our Help desk and NOC experts can monitor your servers and support queue (email, RMM & phone) 24×7 or just as overflow. The Microtechs White Label support service offers a cost effective, 24×7 support option perfect for providers with an expanding customer base.
You may ask yourself:
- How can I offer support 24/7 without the stress & cost of recruiting and training?
- How can I free up my team’s time, to enable us to grow the business?
- How can I improve my bottom line?
Microtechs can help.
- Office hours or 24/7
- UK based from Guildford, Surrey
- 1st & 2nd line / NOC and incident management capabilities
- Ability to learn bespoke applications
- All white labelled to your brand
- 25-50% reduction in overheads
- Pricing from £500 per month
- Sole traders through to enterprise companies supported
Here’s what our customers have said;
“Using Microtechs to extend the helpdesk capabilities for our organisation has been a very worthwhile venture for us. The transition was very easy and simple, and we have found the Microtechs staff to be both knowledgeable and professional; in their dealings with our clients.”
“My customers receive a polite service and their issues are dealt with quickly and professionally. In short Microtechs provide a courteous, effective and cost-efficient service that enables me to offer my customers 24/7 support without the associated expense.”
It would be great to have a chat with you and understand a little about your business, even if you are not quite ready to outsource.
Live chat us now or call 01483 407417