The Global State of Mobile Phishing Report

Gone are the days of brute force cyber attacks. Users, endpoints, and applications are now closely connected to each other, which means threat actors can initiate advanced attacks by simply stealing an employee’s credentials. By posing as a legitimate user, attackers can bypass many security measures to gain access to as much data as possible.
One of the most effective tactics to steal login credentials is mobile phishing. In fact, according to global data from Lookout, 2022 had the highest percentage of mobile phishing encounter rates ever — with an average of more than 30% of personal and enterprise users exposed to these attacks every quarter.1 This poses significant security, compliance, and financial risk to organizations in every industry.
A significant contributor to this trend is likely hybrid work, which has made the idea of using personal devices for work more broadly accepted as organizations relax their bringyour-own-device (BYOD) policies. While this gives employees the flexibility to work the way they prefer, it adds significant risk to the enterprise — so much that Verizon referred to BYOD as ‘bring your own danger’ in its 2022 Mobile Security Index (MSI) Report. This is because, as you will learn in this report, BYOD introduces additional risk to corporate users, devices, apps, and data.
The risks associated with mobile phishing go far beyond BYOD devices. Any device, regardless of whether it’s iOS or Android, personal, corporate owned, managed, or unmanaged, is susceptible to phishing. Mobile apps with a messaging function could be used to socially engineer individuals and execute these campaigns, which means modern phishing techniques go far beyond leveraging email delivery, which many still may perceive as the primary source of phishing.

    Leave a Reply

    Your email address will not be published. Required fields are marked *