9. Phishing, The Ultimate Human Error
A general phishing campaign that uses only 10 messages has a better than 90 percent chance of getting a click, according to phishing defense vendor ThreatSim. The Verizon report calls targeted phishing attacks the most prolific and "old faithful" way for criminals to gain initial access to a corporate network. It is used in 95 percent of cyberespionage incidents, where 68 percent of threat actions were carried out by cybercriminals conducting espionage campaigns in 2013. The attacker typically uses a file attachment containing a zero-day exploit, Verizon said. The messages are often carefully designed to look like a report or accounting document and sent to the employees who may typically receive them.