ZDNet published an article about how “99% of email attacks rely on victims clicking links”. The ProofPoint report supports the idea that these attacks prey on VAPs:
-Very Attacked People™ (VAPs) aren’t usually VIPs – The most attacked people are often easily discovered identities or “targets of opportunity.”
ProofPoint
-Social engineering is pervasive, whether in rampant sextortion schemes, business email compromise (BEC), credential phishing, or other attacks that prey on human nature – and human error.
-Domain fraud plays a key role in lending a sense of legitimacy to attacks.
ZDNet has sound advice on how to remedy this attack, “If a user is suspicious of a supposed login URL, they can bypass the link by going direct to the provider itself and entering their details there. “
cybersqueeze 