Proofpoint Q3 2019 Threat Report Shows Increase in RAT and Banking Trojan Activity
Nov13

Proofpoint Q3 2019 Threat Report Shows Increase in RAT and Banking Trojan Activity

The Proofpoint Q3 2019 Threat Report has been released. The report provides insights into the main threats in Q3, 2019 and reveals the changing tactics, techniques, and procedures used by cybercriminals. The data for the report comes from an analysis of more than 5 billion email messages, hundreds of millions of social media posts, and over 250 million captured malware samples. The report reveals scammers now favor embedded hyperlinks over attachments for spreading malware. 88% of malicious emails that were used to install malware used malicious URLs. This tactic is preferred as it makes it easier to bypass email security defenses. Proofpoint notes that ransomware still poses a significant threat, but it was noticeably absent from most email campaigns. Proofpoint suggests that the fall in the value of cryptocurrencies is making it harder for threat actors to monetize their ransomware campaigns. Greater rewards can be gained through other types of malware, such as remote access Trojans (RATs) and banking Trojans. RATs and banking Trojans were the main malware threats in Q3, 2019,...

Read More
Report Reveals the Most Common Cyber Threats Faced by Healthcare Organizations
Oct16

Report Reveals the Most Common Cyber Threats Faced by Healthcare Organizations

A new report from Proofpoint offers insights into the cyber threats faced by healthcare organizations and the most common attacks that lead to healthcare data breaches. Proofpoint’s 2019 Healthcare Threat Report highlights the ever-changing threat landscape and how the tactics used by cybercriminals are in a constant state of flux. The study – conducted between Q2, 2018 and Q1, 2019 – shows how the malware variants used in attacks often change. Ransomware was a popular form of malware in Q2, 2018 and was used in many attacks on healthcare organizations, but ransomware incidents then dwindled rapidly as cybercriminals switched their attention to banking Trojans. For the remaining three quarters of the study period, banking Trojans were the malware variant of choice, although ransomware is now proving popular once again. Proofpoint’s research shows banking Trojans were the biggest malware threat to healthcare organizations for the period of the study, accounting for 41% of malicious payloads delivered via email between Q2 2018 and Q1 2019. In Q1, 2019, the biggest threat...

Read More
Healthcare Email Fraud Attacks Have Increased 473% in 2 Years
Feb14

Healthcare Email Fraud Attacks Have Increased 473% in 2 Years

A recent report from Proofpoint has revealed healthcare email fraud attacks have increased 473% in the past two years. Email fraud, also known as business email compromise (BEC), is one of the biggest cyber threats faced by businesses. Successful attacks can result in losses of hundreds of thousands or even millions of dollars. Figures from the FBI suggest that globally, $12.5 billion has been lost to these email fraud attacks since 2013. These email attacks are highly targeted and typically involve the spoofing of email addresses to make emails appear to have been sent internally or from a trusted individual. They often involve the use of a genuine email account within an organization that has previously been compromised in a phishing or spear phishing attack. The attacks are usually conducted to obtain sensitive data such as employee tax information or patient information, to obtain credentials to be used in further attacks, and for wire fraud. Wire fraud is the most common form of email fraud in healthcare. For the report, Proofpoint analyzed more than 160 billion emails sent by...

Read More
Study Reveals Healthcare Industry Employees Struggling to Understand Data Security Risks
Apr30

Study Reveals Healthcare Industry Employees Struggling to Understand Data Security Risks

The recently published Beyond the Phish Report from Wombat Security, now a division of Proofpoint, has revealed healthcare employees have a lack of understanding of common security threats. For the report, Wombat Security compiled data from nearly 85 million questions and answers posed to customers’ end users across 12 categories and 16 industries. Respondents were asked about security best practices that would help them avoid ransomware attacks, malware installations, and phishing attacks and established the level of expertise at protecting confidential information, defending against email and web-based scams, securing mobile devices, working safely in remote locations, identifying physical risks, disposing of sensitive information securely, using strong passwords, and safe use of social media and the web. Overall, the healthcare industry performed second worst for security awareness, just ahead of the hospitality industry, with the survey highlighting several areas of weakness that could potentially be exploited by cybercriminals to gain access to healthcare networks and...

Read More
Phishing Attacks Using Malicious URLs Rose 600 Percent in Q3, 2017
Oct27

Phishing Attacks Using Malicious URLs Rose 600 Percent in Q3, 2017

As recent healthcare breach notices have shown, phishing poses a major threat to the confidentiality of protected health information (PHI). The past few weeks have seen several healthcare organizations announce email accounts containing the PHI of thousands of patients have been accessed by unauthorized individuals as a result of healthcare employees responding to phishing emails. Report Shows Massive Rise in Phishing Attacks Using Malicious URLs This week has seen the publication of a new report that confirms there has been a major increase in malicious email volume over the past few months. Proofpoint’s Quarterly Threat Report, published on October 26, shows malicious email volume soared in quarter 3, 2017. Compared to the volume of malicious emails recorded in quarter 2, there was an 85% rise in malicious emails in Q3. While attachments have long been used to deliver malware downloaders and other malicious code, Q3 saw a massive rise in phishing attacks using malicious URLs. Clicking those links directs end users to websites where malware is downloaded or login credentials are...

Read More
New Ransomware and Phishing Warnings for Healthcare Organizations
Aug30

New Ransomware and Phishing Warnings for Healthcare Organizations

Warnings have been issued about a new ransomware variant that is being used in targeted attacks on healthcare organizations and IRS, FBI and Hurricane Harvey themed phishing attacks. Defray Ransomware A new ransomware variant is being used in highly targeted attacks on healthcare organizations in the United States and United Kingdom. Defray ransomware is being distributed in small email campaigns using carefully crafted messages specifically developed to maximize the probability of a response from healthcare providers. The messages claim to have been sent from the Director of Information Management and Technology at the targeted organization and include the hospital’s logos. The documents claim to be patient reports detailing important information for patients, relatives and carers. The messages are being sent to specific individuals in organizations and via distribution lists. The campaigns involve Microsoft Word documents with embedded OLE packager shell objects. Clicking the embedded executable to view the content of the document will see Defray ransomware downloaded. There is...

Read More