Because adversaries deliver malware through many different channels, organizations in Latin America must ensure that they have security controls to block malware downloads over the most popular channels. Globally, approximately one-half of all HTTP/HTTPS malware downloads originate from popular cloud apps, with the other half originating from different locations on the web. This section highlights the apps for which Netskope blocked the most malware downloads over the past year.
Globally, the trend is for the most popular apps overall to be among the top apps in terms of the number of malware downloads, reflecting adversary tactics (adversaries tend to abuse popular apps because of their popularity), user behavior (users interact with popular apps more frequently), and organizational policy (organizations tend to allow popular apps). Regional differences arise from those same three factors: adversary tactics, user behaviors, and organizational policies.
In Latin America, the top apps for cloud malware downloads were indeed among the most popular apps overall in the enterprise, with some noteworthy differences from other regions. Among the top apps was the webmail app Outlook.com, with 18% of all cloud malware downloads. The malware downloads from Outlook.com originated from both personal Outlook accounts and organizational Microsoft 365 instances. Personal webmail accounted for two-thirds of all Outlook.com malware downloads by volume. The most common type of malware downloaded from Outlook.com was malicious PDF documents that were components of phishing campaigns. These documents directed the recipient to visit a phishing website, call a phone number, or both. These attacks typically aim to gain access to the victim’s accounts and then either sell that access in illicit marketplaces or use it for financial theft. Azure Blob Storage was also among the top apps, driven primarily by spyware and banking trojans distributed by websites using Azure Blob Storage for file hosting.
Whereas Latin America saw a higher percentage of malware downloads from Outlook.com and Azure Blob Storage, it saw a lower percentage from Microsoft OneDrive and Microsoft SharePoint, where the downloads were primarily malicious documents and executables inadvertently shared internally.