Trojan malware comes in many different types, but all require a user action to initiate.
Attackers are either targeting admins for hosted services with phishing campaigns or exploiting mistakes made when setting them up.
Data loss due to insider threats is a growing problem, but many companies don't have the resources to support an in-house data loss prevention system.