SonicWall Cyber Threat Report – Phishing Down for Third Straight Year

SonicWall Cyber Threat Report – Phishing Down for Third Straight Year

Mirroring how malware is being leveraged,
cybercriminals are being more targeted with
phishing than ever before, too. So much so,
SonicWall Capture Labs threat researchers
recorded a 42% decline in overall phishing
volume, the third straight year the attack vector

Also like malware, volume is only part of the story.
Phishers are being measured, pragmatic and
patient. Besides the usual phishing campaigns
that attempt to steal login credentials, SonicWall
observed new practices using old tricks.

One such example is the use of HTML files
leveraging legacy data uniform resource identifier
(URI) methods other than JavaScript, which upon
rendition displays a fraudulent webpage or form
to the victim to illegally obtain usernames and/or
passwords from unsuspecting victims.

Employees across a range of organizations,
including educational, banking, computer,
government, airlines, agriculture, travel,
machinery, construction, among others, are often
the target of this prevalent phishing tactic.
As was covered in a previous section, PDFs and
Microsoft Office files are the delivery vehicles of
choice for the modern cybercriminal.

Unfortunately, these files are universally trusted
and abundant in the modern workplace.
Threat actors are hoping this trust, coupled with
busy work schedules, is enough to trick
unsuspecting victims into clicking links or
downloading attachments included within
phishing emails. In many situations, this click is
the only barrier preventing the delivery of the
cybercriminal’s payload.


See how the experts at CisCom can help you with this and more!

Blog content for the Sonic Wall Cyber Threat Report series provided by our partners at SonicWall.