Proofpoint’s Annual Human Factors Report reveals how 2021


SUNNYVALE, Calif., June 02, 2022 (GLOBE NEWSWIRE) — Propoint, Inc.a leading cybersecurity and compliance firm, today unveiled its annual Human Factor Report, which provides a comprehensive review of the three main facets of user risk (vulnerability, attacks, and privileges) and how whose threat actors pursue their relentless creativity as they exploit the many opportunities presented by people.

The Human Factor 2022 report takes a deep dive into user risk, drawing on data and insights from a year of research, covering threats detected, mitigated and resolved in one of the largest datasets in the world. of cybersecurity.

“One constant that remains as organizations approach a sense of normalcy after a disruptive year is that cybercriminals continue to target and exploit people,” said Ryan Kalember, executive vice president of cybersecurity strategy, Proofpoint. “Last year, attackers demonstrated just how unscrupulous they truly are, making protecting people from cyber threats an ongoing – and often eye-opening – challenge for organizations.”

The report is based on a graph of trillions of data points, one of the largest datasets in cybersecurity. Every day, Proofpoint analyzes more than 2.6 billion emails, 49 billion URLs, 1.9 billion attachments, 28.2 million cloud accounts, 1.7 billion mobile messages and more. This report analyzes data collected throughout 2021 and sheds light on the nature of today’s cyber threats, while offering actionable insights on how to protect employees against them.

Key findings highlighted in Proofpoint’s 2022 Human Factor Report include:

  • Cybercriminals recognize that our smartphone holds the keys to our personal and professional lives. Smishing attempts more than doubled in the US over the year, while in the UK more than 50% of lures were delivery notification themed. Additionally, cybercriminals initiated more than 100,000 telephone attacks one day.
  • High-privileged users are disproportionately targeted. Managers and executives represent only 10% of all users in organizations, but nearly 50% of the most severe attack risk.
  • More than 80% of businesses are attacked by a compromised vendor account every month. Security awareness training focused on supply chain threats is essential for businesses.
  • Microsoft OneDrive and Google Drive are the most common legitimate cloud infrastructure platforms used by threat actors. Last year, 35% of cloud tenants who received a suspicious login also experienced suspicious file activity after the breach, revealing that privilege-based risk is widening as businesses move to the cloud. On average, about 10% of organizations have at least one active malicious application allowed in their environment.
  • The hand-in-hand relationship between malware groups and ransomware operators continues. More than 20 million messages attempted to spread malware related to a possible ransomware attack between January 1 and December 31, 2021.
  • Attackers are piggybacking on pop culture. Threat actors used popular personalities like Justin Bieber and The Weeknd, and Netflix series squid game in their lures in 2021. In October, cybercriminals were sending Squid Game-themed emails to victims in the United States, promising early access to the next season, or even the chance to be cast in future episodes. .
  • Cybercriminals continue to capitalize on global conflicts. Earlier this year, threat actors and APT groups aligned with national interests reacted to Russia’s invasion of Ukraine. We have seen destructive malware deployed against Ukrainian organizations and key communications infrastructure, in addition to the activity of Belarus– and China-aligned actors, specifically targeting European governmental organizations involved in asylum and other relief efforts.

To download Proofpoint’s Human Factor 2022 report, visit:

For more information on creating a people-centric cybersecurity strategy, please see:

About Propoint, Inc.
Proofpoint, Inc. is a leading cybersecurity and compliance company that protects organizations’ greatest assets and greatest risks: their people. With an integrated suite of cloud-based solutions, Proofpoint helps businesses around the world stop targeted threats, protect their data, and make their users more resilient against cyberattacks. Large enterprises of all sizes, including 75% of Fortune 100 companies, rely on Proofpoint for people-centric security and compliance solutions that mitigate their most critical risks across email, cloud, social networks and the web. More information is available at

Connect with Proofpoint: Twitter | LinkedIn | Facebook | Youtube

Proofpoint is a registered trademark or trade name of Proofpoint, Inc. in the United States and/or other countries. All other trademarks contained herein are the property of their respective owners.

Estelle Derouet
Propoint, Inc.
[email protected]


About Author

Comments are closed.