UPDATED 23:00 EDT / JUNE 02 2020

SECURITY

Report finds alarming increase in enterprise mobile phishing attempts

A new report from mobile security firm Lookout Inc. details an alarming increase in enterprise mobile phishing attempts.

The Lookout 2020 Mobile Phishing Spotlight Report digs into the current mobile security landscape across both iOS and Android and found that there has been a 37% increase worldwide in the enterprise mobile phishing encounter rate between the fourth quarter of 2019 and the first quarter of 2020.

The report highlights the different methods cybercriminals use to make their mobile phishing campaigns more lucrative and provides data on global encounter rates and the potential financial risk per incident.

When successful, phishing attacks are a costly affair. The report found that mobile phishing threats could cost organizations with 10,000 mobile devices as much as $35 million per incident and for organizations with up to 50,000 devices, up to $150 million.

While offering a variety of examples across different industries, the report details a real-world phishing attack that targeted Canadian banks in February. In that case, over 4,000 customers received fake SMS messages that linked to a mobile site that looked liked a legitimate login page of the bank’s online services. The only giveaway was the URL, but many people would pay no attention to the web address, since they’re accustomed to move through login screens quickly and often view them as a nuisance.

“Smartphones and tablets are trusted devices that sit at the intersection of their owner’s personal and professional identity,” David Richardson, vice president of product management at Lookout, said in a statement. “Cybercriminals are exploiting the ability to socially engineer victims on their mobile device in order to steal their credentials or sensitive private data.”

Providing more ample opportunities to scammers is the age of COVID-19, with record numbers of people working from home. Employees are turning to smartphones and tablets to gain access to their workplaces opening the door for those behind phishing campaigns to infiltrate an organization. Although businesses have deployed user training and email phishing security to combat these attempts in the workplace, with mobile devices phishing risks no longer simply hide in email, but in SMS texts, messaging apps and social media platforms.

“Phishing has evolved into a massive problem that expands far beyond the traditional email bait and hook,” noted Phil Hochmuth, program vice president of enterprise mobility at International Data Corp. “On a small screen and with a limited ability to vet links and attachments before clicking on them, consumers and business users are exposed to more phishing risks than ever before. In a mobile-first world, with remote work becoming the norm, proactive defense against these attacks is critical.”

Image: Lookout

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU