The Webroot 2015 Threat Brief reveals that 85,000 new malicious IPs are launched every day, and the top phishing targets are technology companies and financial institutions.

Key findings from 2015 Threat Brief include:

  • The United States accounts for 31% of malicious IP addresses, followed by China with 23% and Russia with 10%. Overall, half of malicious IP addresses are based in Asia.
  • The average reputation score of all URLs is 65%. Surprisingly, some categories that might be assumed suspicious or unwanted due to their nature are relatively reputable. For example, URLs tied to Cheating (85%), Hate and Racism (82%), Violence (77%), Adult and Pornography (65%), and Nudity (65%) are relatively reputable when compared to the average scores.
  • There is a 30% chance of Internet users falling for a zero-day phishing attack in the course of a year, and there was an over 50% increase in phishing activity in December 2014. This is most likely due to the holiday season.
  • On average, there are nearly 900 phishing attempts detected per financial institution, but over 9,000 attempts detected per technology company. Top five technology companies impersonated by phishing sites are: Google, Apple, Yahoo, Facebook and Dropbox.
  • When evaluating phishing sites by country, the United States is by far the largest host of phishing sites, with over 75% of sites being within its borders.
  • On average, only 28% of apps on the Android platform were trustworthy or benign, which fell from 52% in 2013, nearly 50% were moderate or suspicious, and over 22% were unwanted or malicious. Trojans make up the vast majority of malicious threats, averaging 77% for 2014.

Webroot has seen a continued rise in the number of malicious URLs, IP addresses, malware, and mobile applications used to enable cybercriminals to steal data, disrupt services, or cause other harm,” said Hal Lonas, chief technology officer at Webroot. “With more breaches at major retailers, financial institutions and technology companies in the headlines and scores of other, smaller breaches in 2014, the trend shows no signs of slowing down. The Webroot 2015 Threat Brief highlights the need for highly accurate and timely threat intelligence to help organizations assess the risk of incoming data, reduce the volume of security incidents, and accelerate response to successful attacks

2014 also brought an increase in innovative techniques to infect PCs. Most notable was the discovery of Poweliks, a powerful Windows registry exploit, which was fully contained in the registry and did not require a file component to deliver a new infection such as crypto ransomware. Further, five unique PUA families were discovered and hundreds of variants, including widely prevalent CTB/Critroni and Cryptowall 3.0. Each family introduced new innovative social engineering techniques and complexity to the encryption process.

The full report can be found here.