Welcome!

News Feed Item

McAfee Labs Report Highlights Success of Phishing Attacks With 80 Percent of Business Users Unable to Detect Scams

McAfee Labs today released the McAfee Labs Threats Report: August 2014, revealing that phishing continues to be an effective tactic for infiltrating enterprise networks. Testing business users’ ability to detect online scams, the McAfee Phishing Quiz uncovered that 80 percent of its participants failed to detect at least one of seven phishing emails. Furthermore, results showed that finance and HR departments, those holding some of the most sensitive corporate data, performed the worst at detecting scams, falling behind by a margin of 4 percent to 9 percent.

Since last quarter’s Threats Report, McAfee Labs has collected more than 250,000 new phishing URLs, leading to a total of nearly one million new sites in the past year. Not only was there an increase in total volume, there was a significant rise in the sophistication of phishing attacks occurring in the wild. Results showed both mass campaign phishing and spear phishing are still rampant in the attack strategies used by cybercriminals around the world. Meanwhile, the United States continues to host more phishing URLs than any other country.

“One of the great challenges we face today is upgrading the Internet’s core technologies to better suit the volume and sensitivity of traffic it now bears,” said Vincent Weafer, senior vice president for McAfee Labs. “Every aspect of the trust chain has been broken in the last few years—from passwords to OpenSSL public key encryption and most recently USB security. The infrastructure that we so heavily rely on depends on technology that hasn’t kept pace with change and no longer meets today’s demands.”

Findings also revealed new cybercrime opportunities since the public disclosure of the Heartbleed vulnerability, as stolen data from still vulnerable websites is currently being sold on the black market. Lists of unpatched websites have quickly become hit lists for cybercriminals and tools are readily available to mine unpatched sites. With these tools, it is possible to tie together an automated system that targets known vulnerable machines and extracts sensitive information.

Each quarter, the McAfee Labs team of more than 400 multidisciplinary researchers in 30 countries follows the complete range of threats in real time, identifying application vulnerabilities, analyzing and correlating risks, and enabling instant remediation to protect enterprises and the public.

Additional Key Findings

  • Operation Tovar: McAfee joined global law enforcement agencies and others to take down Gameover Zeus and CryptoLocker by blocking more than 125,000 CryptoLocker domains and sinkholing in excess of 120,000 Gameover Zeus domains. However, copycats are on the rise, creating new variants of ransomware or financial-targeting malware using the leaked Zeus source code.
  • Growth in Malware: New malware samples rose by only 1 percent in the second quarter. However, with more than 31 million new samples, this was still the largest amount recorded in a single quarter. The total count of mobile malware increased by 17 percent in the second quarter, while the rate of new malware appears to have leveled off at about 700,000 per quarter.
  • Network Threats: Denial of service attacks rose by 4 percent in the second quarter and remain the most prevalent type of network threat.

To read the full McAfee Labs Threats Report: August 2014 with a complete list of findings, please visit: http://mcaf.ee/uycbt

About McAfee Labs

McAfee Labs is one of the world’s leading sources for threat research, threat intelligence, and cybersecurity thought leadership. The McAfee Labs team of more than 400 researchers collects threat data from millions of sensors across key threat vectors—file, web, message, and network. The team then performs cross-vector threat correlation analysis and delivers real-time threat intelligence to tightly integrated McAfee endpoint, content, and network security products through its cloud-based McAfee Global Threat Intelligence service. McAfee Labs also develops core threat detection technologies—such as McAfee DeepSAFE technology, application profiling, and graylist management—that are incorporated into the broadest security product portfolio in the industry. http://www.mcafee.com/us/mcafee-labs.aspx

About McAfee

McAfee, part of Intel Security and a wholly owned subsidiary of Intel Corporation (NASDAQ:INTC), empowers businesses, the public sector, and home users to safely experience the benefits of the Internet. The company delivers proactive and proven security solutions and services for systems, networks, and mobile devices around the world. With its Security Connected strategy, innovative approach to hardware-enhanced security, and unique Global Threat Intelligence network, McAfee is relentlessly focused on keeping its customers safe. http://www.mcafee.com

Note: McAfee is a trademark or registered trademark of McAfee, Inc. in the United States and other countries. Other names and brands may be claimed as the property of others.

More Stories By Business Wire

Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Latest Stories
Tintri VM-aware storage is the simplest for virtualized applications and cloud. Organizations including GE, Toyota, United Healthcare, NASA and 6 of the Fortune 15 have said "No to LUNs." With Tintri they manage only virtual machines, in a fraction of the footprint and at far lower cost than conventional storage. Tintri offers the choice of all-flash or hybrid-flash platform, converged or stand-alone structure and any hypervisor. Rather than obsess with storage, leaders focus on the business app...
The best way to leverage your Cloud Expo presence as a sponsor and exhibitor is to plan your news announcements around our events. The press covering Cloud Expo and @ThingsExpo will have access to these releases and will amplify your news announcements. More than two dozen Cloud companies either set deals at our shows or have announced their mergers and acquisitions at Cloud Expo. Product announcements during our show provide your company with the most reach through our targeted audiences.
SYS-CON Events announced today that Cloud Academy will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Cloud Academy is the industry’s most innovative, vendor-neutral cloud technology training platform. Cloud Academy provides continuous learning solutions for individuals and enterprise teams for Amazon Web Services, Microsoft Azure, Google Cloud Platform, and the most popular cloud computing technologies. Ge...
Cloud Expo, Inc. has announced today that Aruna Ravichandran, vice president of DevOps Product and Solutions Marketing at CA Technologies, has been named co-conference chair of DevOps at Cloud Expo 2017. The @DevOpsSummit at Cloud Expo New York will take place on June 6-8, 2017, at the Javits Center in New York City, New York, and @DevOpsSummit at Cloud Expo Silicon Valley will take place Oct. 31-Nov. 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
"A lot of the enterprises that have been using our systems for many years are reaching out to the cloud - the public cloud, the private cloud and hybrid," stated Reuven Harrison, CTO and Co-Founder of Tufin, in this SYS-CON.tv interview at 16th Cloud Expo, held June 9-11, 2015, at the Javits Center in New York City.
In his keynote at 19th Cloud Expo, Sheng Liang, co-founder and CEO of Rancher Labs, discussed the technological advances and new business opportunities created by the rapid adoption of containers. With the success of Amazon Web Services (AWS) and various open source technologies used to build private clouds, cloud computing has become an essential component of IT strategy. However, users continue to face challenges in implementing clouds, as older technologies evolve and newer ones like Docker c...
20th Cloud Expo, taking place June 6-8, 2017, at the Javits Center in New York City, NY, will feature technical sessions from a rock star conference faculty and the leading industry players in the world. Cloud computing is now being embraced by a majority of enterprises of all sizes. Yesterday's debate about public vs. private has transformed into the reality of hybrid cloud: a recent survey shows that 74% of enterprises have a hybrid cloud strategy.
Bert Loomis was a visionary. This general session will highlight how Bert Loomis and people like him inspire us to build great things with small inventions. In their general session at 19th Cloud Expo, Harold Hannon, Architect at IBM Bluemix, and Michael O'Neill, Strategic Business Development at Nvidia, discussed the accelerating pace of AI development and how IBM Cloud and NVIDIA are partnering to bring AI capabilities to "every day," on-demand. They also reviewed two "free infrastructure" pr...
Have you ever noticed how some IT people seem to lead successful, rewarding, and satisfying lives and careers, while others struggle? IT author and speaker Don Crawley uncovered the five principles that successful IT people use to build satisfying lives and careers and he shares them in this fast-paced, thought-provoking webinar. You'll learn the importance of striking a balance with technical skills and people skills, challenge your pre-existing ideas about IT customer service, and gain new in...
The Internet of Things will challenge the status quo of how IT and development organizations operate. Or will it? Certainly the fog layer of IoT requires special insights about data ontology, security and transactional integrity. But the developmental challenges are the same: People, Process and Platform. In his session at @ThingsExpo, Craig Sproule, CEO of Metavine, demonstrated how to move beyond today's coding paradigm and shared the must-have mindsets for removing complexity from the develop...
SYS-CON Events announced today that Catchpoint Systems, Inc., a provider of innovative web and infrastructure monitoring solutions, has been named “Silver Sponsor” of SYS-CON's DevOps Summit at 18th Cloud Expo New York, which will take place June 7-9, 2016, at the Javits Center in New York City, NY. Catchpoint is a leading Digital Performance Analytics company that provides unparalleled insight into customer-critical services to help consistently deliver an amazing customer experience. Designed ...
Column Technologies exhibited at SYS-CON's @DevOpsSummit at Cloud Expo, which took place at the Javits Center in New York City, NY, in June 2016. Established in 1998, Column Technologies is a global technology solutions provider with over 400 employees, headquartered in the United States with offices in Canada, India, and the United Kingdom. Column Technologies provides “Best of Breed” technology solutions that automate the key DevOps principals and help our customers meet today’s DevOps and Dig...
Have you ever noticed how some IT people seem to lead successful, rewarding, and satisfying lives and careers, while others struggle? IT author and speaker Don Crawley uncovered the five principles that successful IT people use to build satisfying lives and careers and he shares them in this fast-paced, thought-provoking webinar. You'll learn the importance of striking a balance with technical skills and people skills, challenge your pre-existing ideas about IT customer service, and gain new in...
@DevOpsSummit at Cloud taking place June 6-8, 2017, at Javits Center, New York City, is co-located with the 20th International Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is no time to wait for long developm...
Ayehu provides IT Process Automation & Orchestration solutions for IT and Security professionals to identify and resolve critical incidents and enable rapid containment, eradication, and recovery from cyber security breaches. Ayehu provides customers greater control over IT infrastructure through automation. Ayehu solutions have been deployed by major enterprises worldwide, and currently, support thousands of IT processes across the globe. The company has offices in New York, California, and Isr...