Home User Devices are More Than Twice as Likely to Get Infected as Business Devices
Explore the 2019 Webroot Threat Report
- 40 percent of malicious URLs were found on good domains. Legitimate websites are frequently compromised to host
malicious content. To protect users, cybersecurity solutions need URL-level visibilityor, when unavailable, domain-level metrics, that accurately representthe dangers.
- Home user devices are more than twice as likely to get infected as business devices. Sixty-eight percent of infections are seen on consumer endpoints, versus 32 percent on business endpoints.
- Phishing attacks increased 36 percent, with the number of phishing sites growing 220 percent over the course of 2018. Phishing sites now use SSL certificates and HTTPS to trick
internet usersinto believing they are secure, legitimate pages. Seventy-seven percentof phishing attacks impersonated financial institutions, and weremuch more likely to use HTTPS than other types of targets. In fact, for some of the targeted financial institutions, over 80 percent of the phishingpages used HTTPS. Google was found to be the most impersonated brandin phishing overall.
- After 12 months of security awareness training, end users are 70 percent less likely to fall for a phishing attempt. Webroot found that organizations that combine phishing simulation campaigns with regular training saw a 70 percent drop in phishing link click-through.
- Nearly a third of malware tries to install itself in %appdata% folders. Although malware can hide almost anywhere, Webroot found several common locations, including %appdata% (29.4 percent), %temp% (24.5 percent), and %cache% (17.5 percent), among others. These locations are prime for hiding malware because these paths are in every user directory with full user permissions to install there. These folders also are hidden by default on Windows Vista and up.