CYREN Cyberthreat Report Highlights Alarming Increase in Phishing Attacks

CYREN CTO Lior Kohavi points to fast-paced escalation in phishing attacks targeting businesses

Aug 05, 2015, 06:15 ET from CYREN

MCLEAN, Va., Aug. 5, 2015 /PRNewswire/ -- CYREN (NASDAQ: CYRN) today announced the release of its Q2 2015 CYREN Cyberthreat Report that highlights a 38% overall quarterly increase in phishing attacks. It also details the ever-growing number and sophisticated types of phishing attacks specifically designed to gain access to corporate information.

Looking beyond heavily phished domains such as PayPal, Apple and Gmail, the CYREN security analysts examined a vast variety of other phishing campaigns that seek out financial gain or specific intelligence from businesses rather than consumers. They found these more sophisticated attacks to be consistently grouped into two categories:

  • Indirect Phishing Attacks – Cybercriminals deploy a series of attacks that add up to a successful phishing campaign – usually in combination with organizational information from other sources such as LinkedIn. For example, an employee using their own Apple device is tricked into giving away iTunes credentials as part of an attack, which can give access to contact or calendar information. Additionally, an employee with a cloud-based company email (such as from Office 365 or branded Gmail accounts) could be successfully phished, providing the attacker with a platform for sending malicious emails that appear safe.
  • Direct Phishing Attacks – Cybercriminals seek login credentials for actual business systems. During Q2 2015, CYREN security analysts found multiple examples of phishing attempts on Outlook credentials. Aside from email access, these credentials are frequently used for domain logins, providing an attacker with the tools to access far more than just email. Other cloud-based services, such as Dropbox or Salesforce, can also provide an attacker with direct access to valuable company data.

"We are seeing a shift in emphasis by the cybercriminals away from the mass-distribution 'nickel and dime' campaigns looking for quick-hit revenue that have been the staple of the cybercrime industry for the last 10 years or more, and toward using that same mass-distribution infrastructure for the dissemination of more highly targeted and powerful threats," said Lior Kohavi, CTO at CYREN. "This shift highlights a problem with legacy security tools and technologies.  These tools were designed to provide protection in a threat landscape consisting of slow-evolving threat types, the majority of which were iterations of previously-detected threats."

Kohavi continued, "If the trend we are seeing now proves to be true, security professionals have real cause for concern, as it means that their enterprises will be exposed to an ever-increasing volume of threats, each one possessing the capability to severely impact their organization.  In this new reality, security powered by "offline" technology models, such as periodic updates to local static databases, can no longer provide meaningful protection."

Other report highlights include:

  • A deeper look at the 50% increase in detected malware using Adobe Flash Player
  • Vietnam stands as the world leader of spam-sending zombies
  • New Android malware down 20% from Q1 2015
  • The frequently ineffective use of script blocking
  • The increasing burdens created by Java
  • Attempted trickery by spammers actually backfiring

The 13-page quarterly report is available for download at http://tinyurl.com/oomcajz.

About CYREN Founded in 1991, CYREN (NASDAQ and TASE: CYRN) is a long-time innovator in cybersecurity. Through full-function Security as a Service (SecaaS) and embedded deployment options, CYREN provides web, email, mobile and endpoint security solutions that are relied upon by the world's largest IT companies to protect against today's advanced threats. CYREN collects threat data and delivers real-time cyber intelligence through a unique global network of over 500,000 points of presence that processes 17 billion daily transactions and protects 600 million users. To learn more, visit www.cyren.com.

Blog: blog.cyren.com  Facebook: www.facebook.com/CyrenWeb  LinkedIn: www.linkedin.com/company/cyren  Twitter: twitter.com/CyrenInc

© 2015 CYREN Ltd. CYREN and GlobalView are trademarks of CYREN Ltd. Other company and product names may be trademarks of their respective owners.

U.S. Investor Contact: Garth Russell KCSA 212.896.1250 grussell@kcsa.com  

Israel Investor Relations Contact: Iris Lubitch SmarTeam +972.54.2528007 iris@smartteam.co.il

CYREN Company Contact:         Mike Myshrall, CFO CYREN 703.760.3320 mike.myshrall@cyren.com 

CYREN Media Contact: Matthew Zintel Zintel Public Relations 281.444.1590 matthew.zintel@zintelpr.com

Photo - http://photos.prnewswire.com/prnh/20150804/255395-INFO  Logo - http://photos.prnewswire.com/prnh/20140120/SF48846LOGO

 

SOURCE CYREN



RELATED LINKS

http://www.cyren.com