Once again our friends at CYREN reveal that an average of 2.25 billion malware attachments were detected on Fridays during Q3 2015. It shows shows that attackers were seeking to take advantage of employees being less protected over the weekend. The trend also resulted in IT professionals having to deal with more threats on Monday mornings.
The report validates the theory that many breaches and threats appear on a corporate networks appear on Monday mornings, as employees are more likely to download unsafe content on Saturdays and Sundays, as they are often using unprotected networks on those days. Employees taking their devices home over the weekend use them for Web surfing, downloading, and for opening links received over email, increasing overall risk of compromise.
The study also revealed that 4.3 million phishing URLs were tracked in the third quarter of the year, marking a 19 percent decrease when compared to the July report. This decrease signals a normalization in the number of such attacks, despite the 30 percent increase observed during the second quarter of the year.
During Q3, the security firm also observed a major phishing scam targeting corporate and government email credentials, including corporate names, email addresses, passwords, and phone numbers. To trick their victims, attackers used spoofed images from known and reputable cloud services, including LinkedIn, Apple, and Amazon, and the security researchers believe that the campaign might be part of a long-term threat process in which criminals are looking to amass corporate login data.
The report also suggests that 6.25 percent of all installed Android applications are malicious, while revealing that 655,000 new variants were discovered in Q3. According to CYREN, 7 of the top 10 types of Android malware are adware related, while the other three are SMS Trojans.
“These latest malware and phishing findings come on the heels of Cyber Security Awareness Month as well as a fresh CYREN survey that underscores just how difficult it is for the average user to identify a threat. Now, more than ever before, both individuals and enterprises should embrace cyber security awareness. Organizations must arm employees with knowledge of the vast, ever-changing tricks used by criminals,” Lior Kohavi, CTO at CYREN said.
Download the Report for more information on this and other trends in phishing, malware, spam and web security threats: