Today's advanced attacks focus more on exploiting human flaws than system flaws. In 2015, attackers shifted away from automated exploits and instead engaged people to do the dirty work- infecting systems, stealing credentials, and transferring funds. Across all vectors and in attacks of all sizes, threat actors used social engineering to trick people into doing things that once depended on malicious code.
Download this report to learn more about this year's key findings, including:
- Extending a shift that began in 2014, URL-based campaigns gave way to massive, constantly evolving campaigns that deliver malware payloads through malicious documents.
- Social engineering has become the No. 1 infection vector.
- Campaigns are more tailored to target regions.
- Social media and mobile apps are no longer corner cases for information security policy. Instead, they have become a key route to victims.