83% of Businesses Experienced a Successful Phishing Attack in 2021
Phishing is the most common method used to attack businesses. Phishing attacks are performed to steal credentials, obtain sensitive data, install malware, or gain a foothold in a network for a more extensive compromise. Phishing attacks target individuals and exploit human rather than technical weaknesses, and use social engineering to trick people into taking an action that allows the attacker to achieve their aims. The UK...
Phishing Costs Large U.S. Companies $14.8 Million a Year
The cost of phishing attacks has risen fourfold over the past 6 according to the 2021 Cost of Phishing Report published by Proofpoint. Large companies in the United States are now losing an average of $14.8 million a year due to phishing. That equates to a cost of $1,500 per employee. In 2015, when the survey was first conducted, the average cost of phishing for large U.S. companies was $3.8 million. Phishing emails are sent to...
Purple Fox Trojan Developers Create Their Own Exploit Kit and Add Two New Microsoft Exploits
The developers of the Purple Fox Trojan/rootkit have created their own exploit kit to distribute their malware and have recently added exploits for two recently patched Microsoft vulnerabilities, according to cybersecurity firm Proofpoint. The first exploit is for the high severity elevation of privilege vulnerability in the Win32k component of Windows, which was patched by Microsoft on October Patch Tuesday 2019. The second exploit...
Q4 2019 Threat Report Reveals Emotet Dominates Threat Landscape
The Q4, 2019 Threat Report from cybersecurity firm Proofpoint has confirmed Emotet was the biggest malware threat in 2019, accounting for 37% of all malicious payloads in 2019, even though for several months of 2019 Emotet was inactive. Emotet activity is up considerably from 2018, when it accounted for 28% of malicious payloads for the year. In Q4, 2019, Emotet accounted for 31% of all malicious payloads. Banking Trojans also proved...
55% of Organizations Were Successfully Phished in 2019
Phishing is the most common method of attacking organizations and it continues to cause problems for IT departments and considerable losses for organizations. A new report from Proofpoint has revealed the extent of phishing and how often the attacks succeed. The data for the report came from a survey of more than 3,500 working adults and 600 cybersecurity professionals in Australia, France, Germany, Japan, Spain, the United States,...
Proofpoint Acquires ObserveIT in $225 Million Deal
The Sunnydale, CA-based cybersecurity firm Proofpoint has announced it has entered into a definitive agreement to acquire the data loss prevention (DLP) and insider threat management firm ObserveIT for $225 million. For several months there has been speculation that Proofpoint will be moving into DLP to better protect its clients from sophisticated cyberattacks and insider threats. The announcement has confirmed that that those...
Gartner Peer Insights Customers’ Choice for Email Security for 2019
The Lexington, MA-based email security company Mimecast has been named a Gartner Peer Insights Customers’ Choice for Email Security for 2019. Gartner Peer Insights is a review platform for IT products and services where users of software and services can submit reviews of their experiences with the solutions. The platform includes more than 215,000 verified customer reviews in 340 markets. When sufficient numbers of reviews are...
Proofpoint Partners with CrowdStrike to Better Protect Endpoints and Email Systems from Cyberattacks
Proofpoint has announced it has formed a strategic partnership with CrowdStrike to help joint customers improve endpoint security and defend against email -based cyberattacks. CrowdStrike is a leading provider of cloud-delivered endpoint security and Proofpoint has developed a suite of solutions that provide protection from advanced threats and helps identify and address compliance risks. The partnership will initially see...
2019 Beyond the Phish Report Reveals Employees Have Significant Cybersecurity Knowledge Gaps
A survey conducted by the Sunnyvale, CA-based cybersecurity company Proofpoint has revealed end users are unsure how to protect sensitive data and lack the skills to identify phishing threats. For the latest Beyond the Phish report, Proofpoint analyzed the responses to almost 130 million cybersecurity questions in 14 categories. The survey was conducted on employees in 16 industries across 20 different department classifications. The...
Emotet was the Biggest Email Threat in Q1
A new report from Proofpoint has confirmed Emotet was the biggest email-based threat in the first quarter of 2019. The popularity of the malware is not surprising. While Emotet was once just a banking Trojan, it can now be used to deliver other malware variants and can even distribute itself automatically by sending copies of itself via spam email on a compromised device. Emotet is now classed as a botnet, as it is being used to...
2019 State of the Phish Report Reveals Increase in Successful Phishing Attacks
The Proofpoint 2019 State of the Phish Report has revealed that while phishing is still used to infect users with malware, 70% of phishing attacks are concerned with obtaining credentials. In the past 12 months there has been a major increase in phishing attacks. The last time the report was produced in 2017, 38% of InfoSec professionals reported having experienced at least one account compromise as a result of a phishing attack in...
Phishing Website Uses Custom Web Fonts to Evade Detection
Phishers are constantly developing new ways to prevent their websites from being detected. One threat actor is now using custom web fonts to disguise malicious code on phishing websites. The phishing scam spoofs a major U.S. bank in an attempt to get users to disclose their banking credentials. The website used in the scam is well crafted, and like many similar scams, uses stolen branded content to make the website appear legitimate....
TA505 APT Group Spreading tRat Malware in New Spam Campaigns
The prolific APT group TA505 is conducting spam email campaigns spreading a new, modular malware variant named tRAT. tRAT malware is a remote access Trojan capable of downloading additional modules. In addition to adding infected users to a botnet, the threat actors have the option of selling access to different elements of the malware to other threat groups for use in different attacks. Threat researchers at Proofpoint intercepted...
Stealthy sLoad Downloader Performs Extensive Reconnaissance to Improve Quality of Infected Hosts
A new PowerShell downloader has been discovered – the sLoad downloader – which is being used in stealthy, highly targeted attacks in the United Kingdom and Italy. The sLoad downloader performs a wide range of checks to find out a great deal of information about the system on which it resides, before choosing the most appropriate malicious payload to deploy – if a payload is deployed at all. The sLoad downloader was first identified in...
Proofpoint Launches Closed-Loop Email Analysis and Response (CLEAR) Solution
The Sunnyvale, CA-based cybersecurity firm Proofpoint has announced it has launched a new Closed-Loop Email Analysis and Response (CLEAR) solution that can significantly reduce the time it takes to triage email-based threats. The solution uses a complete closed-loop approach to automatically analyze suspicious emails reported by end users to security teams, identify real threats from false positives, and help security teams remediate...
Proofpoint Essentials Named Best SME Security Solution at SC Media Europe Awards
Proofpoint has been crowned winner of a prestigious SC Media Europe Award at the June 5, 2018 ceremony at the Marriott Grosvenor Square, London. The Sunnyvale, CA-based next generation security and compliance firm won the Best SME Security Solution for Proofpoint Essentials. Proofpoint Essentials is an enterprise-class cybersecurity solution for small and medium sized businesses that incorporates data loss prevention, policy-enforced...
Proofpoint Incorporates Return Path’s DMARC-Based Anti-BEC Solution into Email
Return Path’s Email Fraud Protection business unit has been acquired by Proofpoint and its technology will be incorporated into Proofpoint’s range of email security products to offer even greater protection against business email compromise (BEC) attacks. BEC attacks typically impersonate the CEO or CFO and target employees in the payroll and HR departments. The attackers attempt to obtain sensitive information by deception or fool...
Proofpoint Collects Two SC Media Europe Awards for Fraud Prevention and Email Security
Sunnyvale, CA-based next generation security firm Proofpoint collected two prestigious awards as the 2017 SC Media Europe Awards ceremony at Old Billingsgate, London on June 6, 2018. The SC Media Europe Awards are highly coveted by firms in the information security industry. The SC Media Awards recognize the achievements of cybersecurity firms and outstanding products and services across a range of different information technology...
Proofpoint Report Shows BEC Attacks Have Increased by 45% in the Past 3 Months
There has been a 45% increase in BEC attacks in the past 3 months, according to a new analysis by cybersecurity firm Proofpoint. Not only are BEC attacks now occurring much more frequently, the sophistication of the attacks is also increasing. The analysis was conducted on 5,000 of its enterprise customers over the past three months. 75% of its customers had experienced at least one BEC attempt in the first three months of 2016. Two...
Proofpoint Adds Dynamic Fraud Prevention to Email Protection Solution
Proofpoint has announced it has added new functionality to the Proofpoint Email Protection solution to help businesses detect and block email spoofing attacks that attempt to fool employees into disclosing confidential information. While there are many forms of email attacks, spoofing attacks are among the most successful. Cybercriminals impersonate known individuals –colleagues, contacts and trusted companies – to increase the...