Finally, another attack vector that's just now starting to make an impact is domain hijacking.
"People are actually attacking the registries and getting their own information put in, so the big sites are losing control of their DNS infrastructure," Korbin said.
There have been a few high-profile cases so far, he said, mostly politically motivated, but not yet enough data to measure a trend.
"We didn't see it much in 2012, started seeing a little bit of it in 2013 and 2014, and seeing it more of it now," he said.
He recommended that companies switch on two-factor authentication for their email systems when available, ensure that employees don't reuse credentials, ask their domain registrars to put a lock on their domains, and, finally, keep a close eye on traffic numbers to spot a drop-off as soon as it happens.
With these domain redirects, the attackers are not only able to shut down the legitimate website, but also put up their own content under that website's brand.
Sign up for CIO Asia eNewsletters.