BROOMFIELD, Colo., Oct. 8, 2019 /PRNewswire/ -- Webroot, a Carbonite
(NASDAQ: CARB) company, shared the results of its
Webroot® Threat Report: Mid-Year Update, which explores
the evolving cybersecurity landscape. Based on trends observed in
the first half of 2019, Webroot found that 1 in 50 URLs are
malicious, nearly one-third of phishing sites use HTTPS and
Windows® 7 exploits have grown 75% since January. This
report also highlights the importance of user education, as
phishing lures have become more personalized as hackers use stolen
data for more than just account takeover.
Explore the Webroot Threat Report: Mid-Year
Update:
https://mypage.webroot.com/2019-threat-report-update.html
Key Report Findings:
- Hackers are using trusted domains and HTTPS to trick
victims.
-
- Nearly a quarter (24%) of malicious URLs were found to be
hosted on trusted domains, as hackers know trusted domain URLs
raise less suspicion among users and are more difficult for
security measures to block.
- 1 in 50 URLs (1.9%) were found to be malicious, which is high
given that nearly a third (33%) of office workers click more than
25 work-related links per day.
- Nearly a third (29%) of detected phishing web pages use HTTPS
as a method to trick users into believing they're on a trusted site
via the padlock symbol.
- Phishing continued rapid growth into 2019, and criminals are
expanding their phishing targets.
-
- Phishing grew rapidly, with a 400% increase in URLs discovered
from January to July 2019.
- The top industries impersonated by phishing include:
-
- 25% are SaaS/Webmail providers
- 19% are financial institutions
- 16% social media
- 14% retail
- 11% file hosting
- 8% payment services companies
- Phishing lures are becoming increasingly personalized as
more PII is collected from breaches.
-
- Phished passwords are used for more than account takeover,
specifically: extortion emails claiming they've been caught doing
something embarrassing or damaging that will be shared with
colleagues, friends and family unless a ransom is paid.
- Phishing doesn't always target usernames and passwords. These
attacks also go after secret questions and their answers.
- Windows 7 is becoming even riskier, with infections
increasing by 71%.
-
- Between January and June, the number of IPs that host Windows
exploits grew 75%
- Over 75% of malware on Windows systems hides in one of three
places:
-
- 41% in %temp%, 24% in %appdata% and 11% in %cache%.
- Businesses can easily set policies to restrict execution of any
application from the %temp% and %cache% locations, preventing more
than 50% of infections.
- Malware samples seen on only one PC are at 95.2%, up from 91.9%
in 2018
- Out of all infected PCs, 64% were home user machines, and 36%
were business devices, likely because home users aren't protected
by corporate firewalls and security policies and may not be updated
as regularly.
Key Quotes:
Tyler Moffitt, Senior Threat
Research Analyst, Webroot
"We are beginning to see hackers create more personalized
phishing emails using data gathered in recent massive breaches, as
well as the use of HTTPS and trusted domains to seem more
legitimate. These tactics take advantage of familiarity and
context, and result in unwarranted trust. Businesses and consumers
need to be aware of and continually educate themselves about these
evolving methods and risks to protect their data and devices."
Additional Resources
- Psychology of a Click Video
- Webroot Threat Report: Mid-Year Update
- Webroot Threat Report: Mid-Year Update Video
- Webroot Smarter Cybersecurity® Solutions for
Businesses
- Thoughtful Design in the Age of Cybersecurity AI
Methodology
The Mid-Year Update is an extension of the annual Webroot Threat
Report, which examines emerging threats and cybercrime trends from
the previous year, and shares perspectives and predictions for the
future.
About Webroot
Webroot, a Carbonite company, harnesses the cloud and artificial
intelligence to protect businesses and individuals against cyber
threats. We provide endpoint protection, network protection, and
security awareness training solutions purpose built for managed
service providers and small businesses. Webroot
BrightCloud® Threat Intelligence Services are used by
market leading companies like Cisco, F5 Networks, Citrix,
Aruba, Palo Alto Networks, A10
Networks, and more. Leveraging the power of machine learning to
protect millions of businesses and individuals, Webroot secures the
connected world. Webroot operates globally across North America, Europe, Australia and Asia. Discover Smarter
Cybersecurity® solutions at webroot.com.
Social Media: Twitter | LinkedIn | YouTube | Facebook
About Carbonite
Carbonite provides a robust data protection platform for
businesses, including backup, disaster recovery, high availability
and workload migration technology. The Carbonite data protection
platform supports businesses on a global scale with secure cloud
infrastructure. To learn more, visit www.carbonite.com and follow
us on Twitter at @Carbonite.
Carbonite, Inc. serves customers through three brands: Carbonite
data protection, Webroot cybersecurity, and MailStore email
archiving.
View original content to download
multimedia:http://www.prnewswire.com/news-releases/webroot-finds-windows-7-is-becoming-even-riskier-infections-up-by-71-300933889.html
SOURCE Webroot