[FDSGSG]

>Nah, in reality someone probably clicked a link in a malicious email that launched a backdoor on their computer. The likelihood of that approaches 100% on untrained users.

In 2019 this is actually very unlikely. Driveby exploits have been pretty rare for years now.

[noinsight]

It's still one of the top methods.

See for example Symantec's report [1] with lots of data.

[1] https://www.symantec.com/content/dam/symantec/docs/reports/i...

[FDSGSG]

I'm sorry, I can't seem to find any references to driveby exploits in that report. I see many mentions of malicious office documents with downloader macros and similar attacks that certainly happen regularly today.

I do not see any mentions of attacks fitting the driveby pattern you described earlier. I am aware such targetted attacks do exists, but they're extremely rare these days compared to a few years back.

Almost all attacks today rely on social engineering to trick the victim into handing out their credentials or opening a malicious file, not a link.

[igetspam]

I literally just got a call about someone being hit. The avenues used to penetrate are email spam and RDP.

[FDSGSG]

When was the last time you saw email spam linking to a browser driveby exploit?

[nyolfen]

exploit office docs are less rare

[FDSGSG]

They're less rare because they've almost completely replaced the attacks I described as "very unlikely".

In 2019 it's extremely rare that anyone gets owned just by clicking a link, we've moved very far from that.