Symantec's 2017 Internet Security Threat Report (ISTR) details how simple tactics and innovative cyber criminals led to unprecedented outcomes in global threat activity. This report covers a lot of areas like international bank heists, disrupted elections, and state-sponsored attacks. However, one thing stood out and that is the following paragraph:
Email posed a dangerous and efficient threat to users: one in 131 emails contained malware, the highest rate in five years. And Business Email Compromise (BEC) scams, relying on spear-phishing emails, targeted over 400 businesses every day, draining $3 billion over the last three years.
A combination of PowerShell, a common scripting language installed on PCs, and Microsoft Office files was an effective weapon. Cyber criminals used the two to leave a lighter footprint and hide in plain sight. Last year, 95 percent of PowerShell files seen by Symantec in the wild were malicious.
Take a read of the Symantec report.