Symantec’s 2017 Internet Security Threat Report (ISTR) details how simple tactics and innovative cyber criminals led to unprecedented outcomes in global threat activity. This report covers a lot of areas like international bank heists, disrupted elections, and state-sponsored attacks. However, one thing stood out and that is the following paragraph:

Email Becomes the Weapon of Choice

Email posed a dangerous and efficient threat to users: one in 131 emails contained malware, the highest rate in five years.  And Business Email Compromise (BEC) scams, relying on spear-phishing emails, targeted over 400 businesses every day, draining $3 billion over the last three years.

A combination of PowerShell, a common scripting language installed on PCs, and Microsoft Office files was an effective weapon. Cyber criminals used the two to leave a lighter footprint and hide in plain sight. Last year, 95 percent of PowerShell files seen by Symantec in the wild were malicious.

Take a read of the Symantec report.