Proofpoint Quarterly Threat Summary


The Proofpoint Quarterly Threat Summary captures threats, trends and transformations we see within our customer base and in the wider security marketplace. Each day, we analyze more than one billion email messages, hundreds of millions of social media posts, and more than 150 million malware samples to protect organizations from advanced threats.

Analyzing how these threats shift quarter over quarter provides ample opportunity to identify larger trends and equip organizations with actionable intelligence and recommendations for managing their security posture. We continue to see sophisticated threats across three primary vectors: email, social media and mobile.

Key Takeaways

Volume, variation, and then silence

The first five months of 2016 were dominated by malicious email campaigns of unprecedented volume. New ransomware variants emerged quickly. Meanwhile, Dridex actors began distributing Locky ransomware and repeatedly shifted tactics with new loaders, document attachment types, and obfuscation techniques to evade detection.

Then at the end of May, one of the largest botnets in the world suddenly went dark. The change brought Dridex and Locky distribution to a near halt. At the same time, the hugely popular Angler exploit kit (EK)—an all-in-one toolkit that largely automates web-based cyber attacks—went silent. Together, these shifts led to an eerily quiet June.

Social media threats such as fraudulent customer service accounts continued to proliferate.

Mobile threats targeted multiple vulnerabilities. These threats focused largely on taking over victims’ devices and on malicious adware, especially in older versions of Android. Below are key takeaways from the second quarter of 2016…Click HERE to read full summary.