Skip to main content

Mobile phishing has seen a huge rise in some industries

(Image credit: Image source: Shutterstock/ESB Professional)

Despite Mobile Device Management (MDM) being deployed to “significantly” more devices last year, mobile phishing exposure among financial services has almost doubled.

A new report from integrated endpoint-to-cloud security company Lookout, based on behavioral analysis of telemetry data from nearly 200 million mobile devices, 140 million apps and more than four million new URLs a day., found that there had been a 50 percent increase in MDM adoption between 2019 and 2020. 

However, average quarterly exposure to phishing rose by 125 percent, while malware and app risk exposure rose by more than 400 percent. Criminals are deliberately targeting phones, tablets and Chromebooks to increase their chances of finding a vulnerable entry point.

Of all the phishing attempts recorded last year, almost half of them tried to steal corporate login credentials, the report further stated. Mobile applications seem to be the biggest security problem, as almost 20 percent of mobile banking customers have had a trojanized app on their device, when trying to sign into their personal mobile banking account.

Almost a third (32 percent) of Android devices, as well as a fifth (21 percent) of iOS devices were exposed to 1,060 and 390 vulnerabilities, respectively, mostly because they were running outdated operating systems. Not updating their OS on time gives criminals the opportunity to gain access to corporate infrastructure and steal data.

“These findings demonstrate that regardless of whether a device is managed or unmanaged, attackers have equal success in deploying phishing campaigns,” said Gert-Jan Schenk, Chief Revenue Officer, Lookout.

“In addition, phishing can be particularly difficult to detect on a mobile device. We inherently trust these devices, which makes us vulnerable to social engineering attacks. Protecting modern endpoints requires a different approach – one that is built from the ground up for mobile and can continuously secure an organizations’ data from endpoint to the cloud.”