A newly released report shows an alarming movement of phishing attacks to mobile messaging and social apps. It’s another sign of just how attracted cyber criminals increasingly are to phishing through corporate mobile devices.
The findings of the research – by a well-known mobile security firm – will concern many corporate leaders considering how to avoid phishing.
They reveal, for example, that phishing is the biggest mobile threat to organisations today. The study found that mobile users were 18 times more likely to suffer a phishing attack than to download malware. It also showed that about 4,000 new mobile phishing websites launched each day.
The staggering growth of mobile phishing
These statistics should not necessarily surprise many professionals. After all, there is an astounding amount of data contained in the typical corporate device to interest a potential attacker. While single sign-on services exist to authenticate many apps, employees also often use Facebook and Google logins and other user credentials of their own.
The research also indicates that phishers are increasingly looking to the most popular brands that are harder to breach. Credentials for sites with over a billion users are becoming more expensive on the dark web. This, in turn, signals that they are in ever-greater demand.
Nine in 10 cyber attacks begin with a phishing attack. Furthermore, users are three times more likely to be phished on mobile than on desktop.
The study results also show the apps where mobile phishing attacks most frequently originate. Messaging apps topped this list at 17.3% of all apps, representing a 170% increase on last year. Next up in the ranking was social media with 16.4%, which was a 102% increase on 2017’s figure. Email (15.4%), gaming (11.3%) and productivity apps (10.2%) also figured prominently.
iOS and Android’s in-built messenger apps were the most frequently used by phishers. However, the likes of WhatsApp, Facebook Messenger, LINE and Viber were also popular for this purpose. Meanwhile, Facebook was the brand that phishers most targeted, ahead of Apple, Google, Amazon and PayPal.
SmilePass can show you how to prevent phishing
Such statistics affirm the importance of firms maintaining zero complacency about the dangers of phishing and social engineering. SmilePass addresses these dangers, simply and cost-effectively, with its solution for verifying transactions and requests against a unique biometric ID.
Connect with SmilePass today to learn more about how we can help to keep your enterprise in control.