Content, Content

Phishing Skyrockets, Windows 7 Infections Rise, Webroot Study Finds

One in 50 URLs are malicious, nearly one-third of phishing sites use HTTPS and Windows 7 exploits have grown 71 percent since the beginning of 2019, a new Webroot threat report found.

While the malicious URL figure (2 percent) may seem insignificant at first glance, when considering that 33 percent of office workers click more than 25 work-related links per day it becomes a notable figure, the cloud-based security provider said. Webroot’s 2019 Threat Report: Mid-Year Update threat report is an extension of its annual edition that examines emerging threats and cyber crime trends from the previous year, and shares perspectives and predictions for the future.

"We are beginning to see hackers create more personalized phishing emails using data gathered in recent massive breaches, as well as the use of HTTPS and trusted domains to seem more legitimate,” said Tyler Moffitt, Webroot senior threat research analyst. “These tactics take advantage of familiarity and context, and result in unwarranted trust. Businesses and consumers need to be aware of and continually educate themselves about these evolving methods and risks to protect their data and devices."

Key findings:

Hackers are using trusted domains and HTTPS to trick victims.

  • 24% of malicious URLs were found to be hosted on trusted domains. Hackers know trusted domain URLs raise less suspicion among users and are more difficult for security measures to block.
  • 29% of detected phishing web pages use HTTPS as a method to trick users into believing they're on a trusted site via the padlock symbol.

Phishing skyrockets.

Phishing spiked 400% increase in URLs discovered from January to July 2019. The top industries impersonated by phishing include:

  • 25% SaaS/Webmail providers.
  • 19% financial institutions.
  • 16% social media.
  • 14% retail.
  • 11% file hosting.
  • 8% payment services.


  • Phishing lures are becoming increasingly personalized as more personally identifiable information is collected from breaches.
  • Phished passwords are used for more than account takeover such as extortion emails.
  • Phishers are going after security verification steps, such as secret questions and answers, in addition to users' ad passwords.

Windows 7 riskier.

  • Since January, the number of IPs that host Windows exploits grew 75%.
  • More than 75% of malware on Windows systems hides in one of three places: 41% in temp files, 24% in app data, 11% in cache.
  • Businesses can prevent more than 50% of infections by setting policies to restrict execution of any application from the temp and cache locations.
  • Malware samples seen on only one PC are at 95.2%, up from 91.9% in 2018.
  • Out of all infected PCs, 64% were home user machines, and 36% were business devices.
D. Howard Kass

D. Howard Kass is a contributing editor to MSSP Alert. He brings a career in journalism and market research to the role. He has served as CRN News Editor, Dataquest Channel Analyst, and West Coast Senior Contributing Editor at Channelnomics. As the CEO of The Viewpoint Group, he led groundbreaking market research.