Mobile Phishing Attacks Surge 85%
April 11, 2018
report has exposed the growing risk of phishing on mobile devices. In a
study of Lookout users, more than half clicked mobile phishing URLs that
bypassed existing security controls. Since 2011, Lookout has observed
this mobile phishing URL click rate increase 85 percent year-over-year.
To address this growing threat, Lookout also introduced today phishing &
content protection to Lookout Mobile Endpoint Security.
Mobile Phishing 2018: myths and facts
facing every modern enterprise is the first mobile security report to
provide these mobile phishing URL click rates, joining a growing body of
research that establishes that most cyber attacks begin with phishing
and people are more susceptible to phishing on mobile. The report
analyzes data from more than 67 million mobile devices protected by
Lookout since 2011. All data is anonymous, and no corporate data,
networks, or systems were accessed to perform this analysis.
•Mobile phishing yields responses from most users - Fifty-six percent of Lookout users received and clicked on their mobile device a phishing URL that bypassed existing layers of phishing defense. Of those mobile users that clicked on a mobile phishing URL, they did so an average of six times per year.
•Mobile phishing is increasing - The
rate at which Lookout users are receiving and clicking on phishing URLs
on their mobile devices has grown year-over-year by a staggering 85
percent on average since 2011.
•Detect - Detect phishing attempts from any source on mobile devices, including email (corporate or personal), SMS, chat apps, social media, and more, and set policies to protect against phishing attempts.
•Protect - Block connections on mobile devices to known malicious URLs hosted on risky websites that may attempt to phish for credentials or perform other malicious acts.
•Remediate - Alert end-users at the actual time of URL access. This real-time alert prevents exposure to the phishing or malicious site.
•Analyze - Gain visibility into the frequency and severity of users clicking phishing and malicious links, as well as track whether or not devices have enabled phishing & content protection. Devices that do not have the feature enabled are marked as out-of-compliance allowing for typical enterprise remediation through integration to leading EMM vendors.