Webroot Finds Windows 7 is Becoming Riskier, Infections up by 71%

Webroot has shared the results of the mid-year update of its Webroot Threat Report, which explores the evolving cybersecurity landscape. Based on trends observed in the first half of 2019, Webroot found that 1 in 50 URLs are malicious, that nearly one-third of phishing sites use HTTPS, and that Windows 7 exploits have grown 75% since January.

Nearly a quarter (24%) of malicious URLs were found to be hosted on trusted domains, as hackers know trusted domain URLs raise less suspicion among users and are more difficult for security measures to block. Phishing grew rapidly, with a 400% increase in URLs discovered from January to July 2019. The top industries impersonated by phishing include SaaS/Webmail providers, financial institutions, social media, retail, file hosting, and payment services companies. The study also found that phishing lures are becoming increasingly personalized as more PII is collected from breaches. Phished passwords are used for more than account takeover, specifically: extortion emails claiming they’ve been caught doing something embarrassing or damaging that will be shared with colleagues, friends and family unless a ransom is paid. Phishing doesn’t always target usernames and passwords. These attacks also go after secret questions and their answers.

Over 75% of malware on Windows systems hides in one of three places:

41% in temp; 24% in appdata; and 11% in cache. Businesses and channel partners can easily set policies to restrict execution of any application from the temp and cache locations, thereby preventing more than 50% of infections.

Out of all infected PCs, 64% were home user machines, and 36% were business devices, likely because home users aren’t protected by corporate firewalls and security policies and may not be updated as regularly.

“We are beginning to see hackers create more personalized phishing emails using data gathered in recent massive breaches, as well as the use of HTTPS and trusted domains to seem more legitimate,” said Tyler Moffitt, Senior Threat Research Analyst at Webroot. “These tactics take advantage of familiarity and context, and result in unwarranted trust. Businesses and consumers need to be aware of and continually educate themselves about these evolving methods and risks to protect their data and devices.”

The Mid-Year Update is an extension of the annual Webroot Threat Report, which examines emerging threats and cybercrime trends from the previous year, and shares perspectives and predictions for the future.

Channel Impact^®
In addition to providing updated information on security trends, the report also highlights the importance of user education.