As we wrap up our series on the Webroot 2016 Threat Brief (see also Key Trends in Next-Generation Threats and Webroot 2016 Threat Brief: Understanding Your Adversary is Key,we turn our focus to the rapid expansion of phishing targets and the growing security challenges that characterize today’s mobile apps.
Technology Companies Prime Targets for Phishing
According to the Webroot 2016 Threat Brief, the average likelihood of a user encountering a true zero-day phishing site over the course of a year was only 30% in 2014, but climbed sharply to 50% in 2015. Although all subsequent contact attempts by Webroot customers were automatically blocked, this significant increase underscores the growing prevalence and efficacy of zero-day phishing.
Of the companies targeted by phishing sites in 2015, technology companies were besieged by over twice as many phishing sites as financial institutions.
However, financial institutions were impersonated 56% of the time and technology companies only 44% of the time. This means that there were over two and a half times more phishing attempts per technology company than per financial institution. In fact, Google alone was targeted by over 83,000 phishing sites during 2015. Above all, what we can glean from this data is that real-time anti-phishing protection that can keep up with the dynamic nature of today’s phishing attacks is essential for endpoint security and breach prevention.
Mobile Apps are Riskier Than Ever
Between the prevalence of smartphones and tablets and the continued popularity of Bring Your Own Device (BYOD), mobile applications and compromised devices have become targets of interest to attack both individuals and the networks to which they connect.
Webroot continuously analyzes new and updated applications from app stores and other online sources; this intelligence is then used to help protect Webroot mobile customers, and is available to vendors who provide mobile management and security solutions via the BrightCloud® Mobile App Reputation Service and Mobile Security SDK. These services help such vendors address the security vulnerabilities that mobility and the BYOD trend create by restricting access to applications and compromised devices.
In 2015, Webroot added over 10 million new and updated Android® apps to its App Reputation service, which now includes over 20 million apps. In the first half of 2014, 27% of new and updated apps were benign, 51% were moderate or suspicious, and 21% were malicious or unwanted. In contrast, during the second half of 2015, only 18% of new and updated apps were benign, 30% were moderate or suspicious, and the remaining 52% were unwanted or malicious.
Conclusion
The data collected by Webroot throughout 2015 clearly shows that today’s threats are truly global and highly dynamic. As such, it is increasingly clear that intelligence dynamic enough to set proactive policies to automatically secure networks, endpoints, and users against modern threats is one of the most crucial components of a defense-in-depth strategy. To protect themselves, their users, and their customers from cybercriminal activity, organizations must bolster their security posture with real-time, highly accurate threat intelligence and proven next-generation endpoint security.
Want to find out if Webroot has what it takes to protect your customers? See for yourself with a no-risk FREE trial. You don’t even have to uninstall existing security.
Want to learn more about how Webroot partners with MSPs to delight customers, lower costs, and boost profits? Learn more.
Webroot offers cloud-based, real-time internet threat detection solutions for MSPs and their customers. Read all Webroot guest blogs here.
