Story image

Phishing: It's all too easy on mobile devices

22 Nov 2018
Sponsored

Imagine a world without mobile devices. We only need to cast our minds back a couple of decades to conjure up an image; but in 2018 that world is almost unthinkable.

Despite the saturation of mobile devices everywhere from the workplace to the home, they're still vulnerable to a lack of security. Cybercriminals are quick to exploit this lack of care.

Websites and apps have been optimised for mobile, but mobile devices are easily compromised because they present new ways of delivering attacks.

Take phishing for example. Phishing on mobile is extremely difficult to spot with the naked eye. It only takes a single tap to compromise a mobile device. It could be a malicious URL, or maybe an innocent-seeming app connected to a malicious ad network. 

Or it could be an email that looks like it came from Greg in HR but was designed to trick your employees into giving up their credentials. A single errant tap moves an attacker closer to your data.

What’s more, it’s difficult to preview a link on a mobile device to see if it’s legitimate. On a desktop or laptop you’d generally hover your mouse over a link, but mobile users don’t have that luxury.

Lookout Personal analysed 67 million mobile devices between 2011 and 2016. If found that 56% of users received and tapped a phishing URL that bypassed their phone’s existing phishing defense capabilities. Of that 56%, people tapped on an average of six phishing URLs per year.

The number of phishing attempts is also on the rise – according to Lookout, phishing URLs have increased by an average of 85% year-over-year since 2011.

“We have seen up to 87% of the traffic to phishing sites coming from mobile devices,” Lookout says.

That’s bad news for users and devices, but great news for cybercriminals who are trying to offload their malware, steal personal information, or demand ransoms.

It’s a major problem, but employers and users are still failing to take adequate steps against phishing attacks.

Mobile devices are connected outside traditional firewalls, typically lack endpoint security solutions, and access a plethora of new messaging platforms not used on desktops. Additionally, the mobile user interface does not have the depth of detail users need to identify phishing attacks, such as hovering over hyperlinks to show the destination. 

Endpoint security firms such as Lookout are making it their mission to protect users, their organisations, and their data from phishing attacks.

To protect data from compromise, it’s now necessary to prevent employees from tapping malicious URLs that hide inside apps, in addition to SMS, messaging platforms, corporate and personal email.

Lookout offers comprehensive protection against mobile phishing on Android and iOS devices to keep enterprise data secure in a nuanced, mobile world.

One way it does this is by detecting phishing attempts from any source including email, social media and apps. It also allows IT administrators to set policies that protect against phishing attempts.

Lookout blocks attempted connections to URLs at the network level, instead of inspecting message content. This ensures employee privacy remains safe – this is important because users’ communication across social and messaging platforms needs to be safeguarded.

Learn how to protect your organisations’s data from malicious phishing attacks here.

To contact Lookout for a free demo or to find out how Lookout can help you protect your organisation’s data, click here.

Why an IT resilient strategy needs to be in the modern CIO’s toolkit
"Having an IT resilience strategy in place allows an organisation to smoothly adjust to change."
Tollring partners with Novum Networks for call analytics
Novum Networks has added the full complement of Tollring’siCall Suite cloud analytics to its product portfolio.
Intel announces “most powerful mobile processors ever”
Improvements in performance, responsiveness and Wi-Fi connectivity will be rolling out for gamers and creators alike.
Software AG launches new cloud-based IT portfolio management tool
“Alfabet FastLane’s out-of-the-box approach absolutely addresses the needs of smaller IT teams."
Slack's 2019 feature roadmap unveiled
Including shared channels across organisations, workflow automation, greater email and calendar integration, and streamlined search.
Data#3 wins learning and development award two years running
Chief Learning Officer magazine’s LearningElite programme honours the best organisations for learning and development.
Avaya partners with Standard Chartered to deliver CX transformation
"Avaya is proud to be supporting this venerable financial institution as it continues to evolve and transform to meet the needs of its clients.”
Hootsuite leads the social engagement charge - Forrester report
“Hootsuite leads the pack with its seller focus and scale,” writes Forrester principal analyst Mary Shea.