According to Proofpoint’s report The Human Factor 2023, social engineering is more than three times more likely to be used in a cyber-attack than any other technique.
“Among the many attacks we classified, the vast majority relied on some element of psychological manipulation.
“Social Engineering is endlessly scalable and limited only by attackers’ ingenuity. And even without the use of malware or technical exploits, the aftermath of a successful social engineering attack can be devastating,” said the report.
Assisting with social interactions was the rise in threat actors’ ability to sidestep user defenses with MFA bypass kits accounting for millions of phishing messages.
Also, indicating the adoption by a significant number of less sophisticated groups: peaking at over 13 million per month is telephone-oriented attack delivery (TOAD) threats, and a twelvefold increase in “conversational” scams including romance fraud, fake job ads–the fastest growing threat in mobile.
“…our research has consistently led us toward a simple but powerful observation: people – not technology-are the most critical variable in today’s cyber threats,” stated the report.
Willy Leichter, PV of Marketing, Cyware had this to say:
“As cybersecurity improves, it shouldn’t be surprising that humans are increasingly the weakest link. But it’s also a cop out for the security industry to shrug and blame the victims. Humans will inevitably get fooled and lured into scams. As an industry we must do a better job of connecting the dots and disseminating actionable intelligence on threats and attacks to keep the damage from spreading.”
This is where education and re-education can help to make humans less of a factor in terms of attacks. Hopefully there will be a shift to make that more of a focus than it is right now.
Like this:
Like Loading...
Related
This entry was posted on June 14, 2023 at 4:45 pm and is filed under Commentary with tags Proofpoint. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Human Factor Remains Crucial While MFA Bypass Kits Surge: Proofpoint
According to Proofpoint’s report The Human Factor 2023, social engineering is more than three times more likely to be used in a cyber-attack than any other technique.
“Among the many attacks we classified, the vast majority relied on some element of psychological manipulation.
“Social Engineering is endlessly scalable and limited only by attackers’ ingenuity. And even without the use of malware or technical exploits, the aftermath of a successful social engineering attack can be devastating,” said the report.
Assisting with social interactions was the rise in threat actors’ ability to sidestep user defenses with MFA bypass kits accounting for millions of phishing messages.
Also, indicating the adoption by a significant number of less sophisticated groups: peaking at over 13 million per month is telephone-oriented attack delivery (TOAD) threats, and a twelvefold increase in “conversational” scams including romance fraud, fake job ads–the fastest growing threat in mobile.
“…our research has consistently led us toward a simple but powerful observation: people – not technology-are the most critical variable in today’s cyber threats,” stated the report.
Willy Leichter, PV of Marketing, Cyware had this to say:
“As cybersecurity improves, it shouldn’t be surprising that humans are increasingly the weakest link. But it’s also a cop out for the security industry to shrug and blame the victims. Humans will inevitably get fooled and lured into scams. As an industry we must do a better job of connecting the dots and disseminating actionable intelligence on threats and attacks to keep the damage from spreading.”
This is where education and re-education can help to make humans less of a factor in terms of attacks. Hopefully there will be a shift to make that more of a focus than it is right now.
Share this:
Like this:
Related
This entry was posted on June 14, 2023 at 4:45 pm and is filed under Commentary with tags Proofpoint. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.