Researchers warn that social engineering is the biggest factor in malicious hacking attempts. Taken from a ZDNet news article on 9/9/19:
“Nearly all successful email-based cyberattacks require the target to open files, click on links, or carry out some other action.
While a tiny fraction of attacks rely on exploit kits and known software vulnerabilities to compromise systems, the vast majority of campaigns, 99%, require some level of human input to execute. These interactions can also enable macros, so malicious code can be run.
The finding comes from Proofpoint’s Annual Human Factor Report, a paper based on 18 months of data collected from the cybersecurity company’s customers.””