Webroot Finds Windows® 7 is Becoming Even Riskier, Infections up by 71% Also, Phishing Attempts Seen by Webroot Increased by 400%
October 2019 by Webroot
Webroot, a Carbonite company, shared the results of its Webroot® Threat Report: Mid-Year Update, which explores the evolving cybersecurity landscape. Based on trends observed in the first half of 2019, Webroot found that 1 in 50 URLs are malicious, nearly one-third of phishing sites use HTTPS and Windows® 7 exploits have grown 75% since January. This report also highlights the importance of user education, as phishing lures have become more personalized as hackers use stolen data for more than just account takeover.
Key Report Findings:
• Hackers are using trusted domains and HTTPS to trick victims.
o Nearly a quarter (24%) of malicious URLs were found to be hosted on trusted domains, as hackers know trusted domain URLs raise less suspicion among users and are more difficult for security measures to block.
o 1 in 50 URLs (1.9%) were found to be malicious, which is high given that nearly a third (33%) of office workers click more than 25 work-related links per day.
o Nearly a third (29%) of detected phishing web pages use HTTPS as a method to trick users into believing they’re on a trusted site via the padlock symbol.
• Phishing continued rapid growth into 2019, and criminals are expanding their phishing targets.
o Phishing grew rapidly, with a 400% increase in URLs discovered from January to July 2019.
o The top industries impersonated by phishing include
25% are SaaS/Webmail providers
19% are financial institutions
16% social media
11% file hosting
8% payment services companies
• Phishing lures are becoming increasingly personalized as more PII is collected from breaches.
o Phished passwords are used for more than account takeover, specifically: extortion emails claiming they’ve been caught doing something embarrassing or damaging that will be shared with colleagues, friends and family unless a ransom is paid.
o Phishing doesn’t always target usernames and passwords. These attacks also go after secret questions and their answers.
• Windows 7 is becoming even riskier, with infections increasing by 71%.
o Between January and June, the number of IPs that host Windows exploits grew 75%
o Over 75% of malware on Windows systems hides in one of three places:
_41% in %temp%, 24% in %appdata% and 11% in %cache%.
Businesses can easily set policies to restrict execution of any application from the %temp% and %cache% locations, preventing more than 50% of infections.
o Malware samples seen on only one PC are at 95.2%, up from 91.9% in 2018
o Out of all infected PCs, 64% were home user machines, and 36% were business devices, likely because home users aren’t protected by corporate firewalls and security policies, and may not be updated as regularly.