Skip to main content

Phishing still number one method for cyber-attacks

(Image credit: Image Credit: wk1003mike / Shutterstock)

Microsoft has just released its annual cybersecurity report and it says that phishing is still the most popular way for cyber-criminals to attack, giving security experts everywhere headaches.

To create the report, Microsoft scanned more than 400 billion emails, 450 billion authentications and 1.2 billion devices. More than half (53 per cent) of all email threats are phishing ones. Three quarters (75 per cent) contain a malicious URL.

“As software vendors incorporate stronger security measures into their products, it is becoming more expensive for hackers to successfully penetrate software. By contrast, it is easier and less costly to trick a user into clicking a malicious link or opening a phishing email,” Microsoft said.

“In 2017 we saw “low-hanging fruit” methods being used such as phishing — to trick users into handing over credentials and other sensitive information. In fact, phishing was the top threat vector for Office 365-based threats during the second half of 2017.”

Second biggest threat are 'leaky cloud apps'. Microsoft says just three per cent of them support HTTP protection methods, while 86 per cent of them do not encrypt data, at all.

“Other low-hanging fruit for attackers are poorly secured cloud apps. In our research, we found that 79 per cent of SaaS storage apps and 86 per cent of SaaS collaboration apps do not encrypt data both at rest and in transit.”

Ransomware is still popular, as well, mostly in Myanmar, Bangladesh and Venezuela, where the encounter rates were highest average (0.48 per cent, 0.36 per cent and 0.33 per cent, respectively).

On the other hand Japan, USA and Finland have had the lowest average monthly encounter rates, at just 0.03 per cent.

Image Credit: wk1003mike / Shutterstock

Sead Fadilpašić is a freelance tech writer and journalist with more than 17 years experience writing technology-focussed news, blogs, whitepapers, reviews, and ebooks. And his work has featured in online media outlets from all over the world, including Al Jazeera Balkans (where he was a Multimedia Journalist), Crypto News, TechRadar Pro, and IT Pro Portal, where he has written news and features for over five years. Sead's experience also includes writing for inbound marketing, where he creates technology-based content for clients from London to Singapore. Sead is a HubSpot-certified content creator.