Global
Africa
South Africa
Albania
Australia
Austria
Belgium
Bosnia Herzegovina
Bulgaria
Canada
Canada FR
Croatia
Czech Republic
Denmark
Estonia
Finland 
Finland (English)
France
Germany
Hong Kong
Hungary
Iceland
India
Indonesia
Ireland
Israel
Italy
Kosovo
Latvia
Lithuania
Malaysia
Middle East
Montenegro
Netherlands
New Zealand
North Macedonia
Norway
Philippines
Poland
Portugal
Romania
Saudi Arabia
Serbia
Singapore
Slovakia
Slovenija
Spain
Switzerland DE
Switzerland FR
Thailand
Turkey
USA
Ukraine
United Kingdom
Vietnam
Proofpoint – Human Factor Report 2019
THE HUMAN FACTOR 2019
Each year, cyber criminals continue to refine their use of social engineering, relying on human interaction rather than automated exploits to install malware, initiate fraudulent transactions, steal data, and engage in other malicious activities. Less than 1% of the attacks we observed made use of system vulnerabilities. The rest exploited “the human factor”: the instincts of curiosity and trust that lead well-intentioned people to click, download, install, open, and send money or data.
Instead of attacking computer systems and infrastructure, threat actors focused on people, their roles within an organization, the data to which they had access, and their likelihood to “click here.” Whether attacking at a massive scale in large, indiscriminate campaigns, going after specific industries or geographies with more targeted campaigns, or seeking out a single person within an organization, attackers and their sponsors consistently found human beings to be the most effective vectors to infiltrate organizations and facilitate fraud and theft.
While ransomware was the biggest threat of 2017, the last 18 months have seen a marked shift towards information-stealing malware, with social engineering becoming ever more pervasive and effective at preying on people. Whether sending impostor messages that appear to come from a trusted colleague or installing increasingly robust malware that can silently profile individuals and steal data and credentials to make future attacks more effective, threat actors are following the money. While cryptocurrency volatility and a growing ability to detect and mitigate ransomware may have driven this shift initially, the information provided by victims via malware and phishing attacks is fueling revenue streams and facilitating future attacks.
Regardless of the means of attack—email, cloud applications, the web, social media, or other vectors—threat actors repeatedly demonstrated the effectiveness of the social engineering tactics that convinced victims to click malicious links, download unsafe files, install malware, transfer funds, and disclose sensitive information at scale. Whether financially motivated or state-sponsored, attackers all had one thing in common: an understanding of and a willingness to take advantage of the human factor.
