The Symantec Internet Security Threat Report includes vast information on security related issues. Spam, phishing and malware data are captured through a variety of sources. These resources give Symantec’s analysts unparalleled sources of data with which to identify, analyze and provide informed commentary on emerging trends in attacks, malicious code activity, phishing and spam. The annual Symantec Internet Security Threat Report gives enterprises, small businesses and consumers the essential information to secure their systems effectively now and into the future.

Over the years, phishing campaigns have become much easier to operate, thanks to the evolving cybercriminal marketplace. Attackers will cooperate, with some specializing in phishing kits, and other selling them on to other scammers who want to conduct phishing campaigns. Symantec has reported a concerning increase in the number and sophistication of phishing attempts, targeting specific departments within organizations.

Key Points

  • E-mail phishing rate in 2015 was 1 in 1,846.
  • The number of spear-phishing campaigns targeting employees increased 55% in 2015.
  • Retail was the industry sector most heavily exposed to phishing attacks in 2015.
  • In 2015, office documents were the most popular malicious file attachment type in e-mail.
  • An analysis of spear-phishing e-mails in 2015 indicates that office documents, such as Word and Excel, remain popular as a delivery mechanism for exploits that drop malware onto a targeted computer.
  • Top industries targeted in spear-phishing attacks in 2015 were finance, insurance and real estate combined, representing 35% of the distribution.
  • Retail was the industry sector most heavily exposed to phishing attacks in 2015.
  • In 2015, the number of spear-phishing e-mail campaigns increased.
  • In 2015, 34.9% of all spear-phishing e-mail was directed at an organization in the financial industry.
  • Spear-phishing attacks against small businesses continued to grow in 2015.
  • Small business had a 1 in 40 chance of being targeted for a spear-phishing attack in 2015.
  • The last 5 years have shown a steady increase in spear-phishing attacks targeting businesses with less than 250 employees.
Click here for the Symantec Internet Security Threat Report for 2016