Phishing: The only certainty is there is no certainty
Published 20-FEB-2020 15:20 P.M.
|
3 minute read
Hey! Looks like you have stumbled on the section of our website where we have archived articles from our old business model.
In 2019 the original founding team returned to run Next Investors, we changed our business model to only write about stocks we carefully research and are invested in for the long term.
The below articles were written under our previous business model. We have kept these articles online here for your reference.
Our new mission is to build a high performing ASX micro cap investment portfolio and share our research, analysis and investment strategy with our readers.
Click Here to View Latest Articles
OpenTextTM today issued the 2020 Webroot Threat Report, highlighting not only the agility and innovation of cybercriminals who continue to seek out new ways to evade defences, but also their commitment to long-established attack methods. Most notably, Webroot observed a 640 percent increase in phishing attempts and a 125 percent increase in malware targeting Windows 7®. The report is derived from metrics captured and analysed by Webroot’s advanced, cloud-based machine learning architecture: the Webroot® Platform.
“In the cybersecurity industry the only certainty is that there is no certainty, and there is no single silver bullet solution,” said Hal Lonas, Senior Vice President and CTO, SMB and Consumer, OpenText.
“The findings from this year’s report underline why it’s critical that businesses and users of all sizes, ensure they’re not only protecting their data but also preparing for future attacks by taking simple steps toward cyber resilience through a defence-in-depth approach that addresses user behaviour and the best protection for network and endpoints.”
Download the full report here.
Notable Findings:
- Phishing URLs encountered grew by 640 percent in 2019.
- 1 in 4 malicious URLs is hosted on an otherwise non-malicious domain.
- 8.9 million URLs were found hosting a cryptojacking script.
- The top sites impersonated by phishing sites or cybercriminals are Facebook, Microsoft, Apple, Google, PayPal and DropBox.
- The top five kinds of websites impersonated by phishing sites are crypto exchanges (55%), gaming (50%), web email (40%), financial institutions (40%) and payment services (32%).
- Malware targeting Windows 7® increased by 125 percent.
- 93.6 percent of malware seen was unique to a single PC – the highest rate ever observed.
- 85 percent of threats hide in one of four locations: %temp%, %appdata%, %cache%, and %windir%, with more than half of threats (54.4%) on business PCs hiding in %temp% folders. This risk can be easily mitigated by setting a Windows policy to disallow programs from running from the temp directory.
- IP addresses associated with Windows exploits grew by 360 percent, with the majority of exploits targeting out-of-date operating systems.
- Consumer PCs remain nearly twice as likely to get infected as business PCs.
- The data reveals that regions most likely to be infected also have the highest rates of using older operating systems.
- Of the infected consumer devices, more than 35 percent were infected more than three times, and nearly 10 percent encountered six or more infections.
- The continued insecurity of consumer PCs underscore the risk companies face in allowing employees to connect to business networks from their personal devices.
- Trojans and malware accounted for 91.8 percent of AndroidTM threats.
Explore all the findings here.
The 2020 Webroot Threat Report presents analysis, findings and insights from the Webroot Threat Research team on the state of cyber threats. The report analysed samples from more than 37 billion URLs, 842 million domains, 4 billion IP addresses, 31 million active mobile apps, and 36 billion file behaviour records. The statistics presented in this annual threat report are derived from metrics automatically captured and analysed by the Webroot® Platform, an advanced, cloud-based machine learning architecture. This system provides proactive protection for users and networks against both known and zero-day, never-before-seen and advanced persistent threats. Threat intelligence produced by the platform is used by Webroot® endpoint security products and by technology partners through Webroot BrightCloud® Threat Intelligence Services.
General Information Only
S3 Consortium Pty Ltd (S3, ‘we’, ‘us’, ‘our’) (CAR No. 433913) is a corporate authorised representative of LeMessurier Securities Pty Ltd (AFSL No. 296877). The information contained in this article is general information and is for informational purposes only. Any advice is general advice only. Any advice contained in this article does not constitute personal advice and S3 has not taken into consideration your personal objectives, financial situation or needs. Please seek your own independent professional advice before making any financial investment decision. Those persons acting upon information contained in this article do so entirely at their own risk.
Conflicts of Interest Notice
S3 and its associated entities may hold investments in companies featured in its articles, including through being paid in the securities of the companies we provide commentary on. We disclose the securities held in relation to a particular company that we provide commentary on. Refer to our Disclosure Policy for information on our self-imposed trading blackouts, hold conditions and de-risking (sell conditions) which seek to mitigate against any potential conflicts of interest.
Publication Notice and Disclaimer
The information contained in this article is current as at the publication date. At the time of publishing, the information contained in this article is based on sources which are available in the public domain that we consider to be reliable, and our own analysis of those sources. The views of the author may not reflect the views of the AFSL holder. Any decision by you to purchase securities in the companies featured in this article should be done so after you have sought your own independent professional advice regarding this information and made your own inquiries as to the validity of any information in this article.
Any forward-looking statements contained in this article are not guarantees or predictions of future performance, and involve known and unknown risks, uncertainties and other factors, many of which are beyond our control, and which may cause actual results or performance of companies featured to differ materially from those expressed in the statements contained in this article. S3 cannot and does not give any assurance that the results or performance expressed or implied by any forward-looking statements contained in this article will actually occur and readers are cautioned not to put undue reliance on forward-looking statements.
This article may include references to our past investing performance. Past performance is not a reliable indicator of our future investing performance.