Developing threats in mobile phishing
Over the past recent years, the mobile technology landscape has seen an upsurge of attack targeted at popular apps such as WhatsApp, Facebook, and even Google Play. And with more and more companies leveraging mobile devices in their workspace, the concern for mobile security has now become a hot topic in the business sector.
One of the techniques used by fraudsters to attack corporate mobile devices is phishing. According to recent reports, phishing attacks have increased both in volume and sophistication in 2017. This technique is highly utilized as the first method in cyber-attacks and is one of the most prominent causes of data breaches and data security incidents for many organizations. Therefore, it is only critical for companies that allow the use of mobile devices in their workplace to familiarize themselves with mobile phishing. And in doing so, create a strategy that will reduce their risk of being an “easy target” for this kind of cyber-attack.
To learn more about the developing threats in mobile phishing, check the infographic below from TeleMessage
- Phishing volume grew by an average of more than 33% across the five most-targeted industries.
- Attacks targeting government tax authorities have grown more than 300% since 2014.
- Ransomware attacks, the predominant type of malware being distributed via phishing, are now focusing on organizations that are more likely to pay ransoms, such as healthcare, government, critical infrastructure, education, and small businesses.
- The share of attacks against targets in the United States continues to grow, accounting for more than 81% of all phishing attacks.
1. SMS Phishing
2. Phishing through Malicious Apps
3. Phishing Through Modifying Content Within an Application
4. URL Padding
- Educate and train employees around best practices in mobile security. This should include the principles of responsible communication practices, such as never clicking on links, unsolicited emails or those shared through mobile apps.
- Always use the official apps for sensitive sites.
- Be careful with URLs. On mobile devices with a larger screen, switching to landscape mode may reveal the full URL. If you’re using a smaller phone, tap on any suspicious URL, so you can quickly scroll through it in its entirety.
- Avoid sharing business credentials or personal information with anyone via unsecured mobile communication platform.
- Have a security solution in place that can monitor and capture any traffic directed at phishing sites. As a fundamental technique in the hacker’s toolkit, phishing domains form the cornerstone of most attacks.
Published February 22, 2018
Join the discussion — please keep to our Community Guidelines.