Surge in mobile phishing attacks

The 2024 zLabs Global Mobile Threat Report found 82% of phishing sites now targeting enterprise mobile devices.

  • 1 month ago Posted in

Zimperium has released its 2024 Global Mobile Threat Report, which highlights critical mobile threat trends from the past year. The zLabs researchers uncovered a significant rise in “mishing” – also known as mobile targeted phishing – a technique that employs various tactics specifically designed to exploit vulnerabilities in mobile devices and users. Notably, the report reveals that 82% of phishing sites now target mobile devices. As cybercriminals increasingly adopt a “mobile-first” attack strategy, they leverage a multitude of techniques to infiltrate enterprise systems by targeting weak, unsecured, and unmanaged mobile endpoints, recognizing mobile as a major entry point to corporate networks and sensitive data.

Mishing – A Top Threat Facing Businesses

Cybercriminals are crafting their attacks to exploit the trust employees generally have in their mobile devices. The zLabs researchers found that 76% of phishing sites targeting enterprises are using HTTPS, a secure communication protocol that leads victims to believe the website on their device is legitimate. Employees are less likely to notice these phishing attempts because of their smaller screen sizes and less visible security indicators, such as hidden URL bars.

The success of mishing sites lies in their hit-and-run approach, where cybercriminals can launch deceptive domains rapidly, then have them disappear before they are ever detected, creating significant challenges for CISOs and their teams. The researchers found that around one-quarter of mobile phishing sites become operable less than 24 hours after their creation, launching malicious activities almost immediately.

“It is undeniable that mobile devices and applications have become the most critical digital channels to protect in our organizations,” said Shridhar Mittal, Chief Executive Officer, Zimperium. “In today’s digital age, where 71% of employees leverage smartphones for work tasks, enterprises must effectively protect their mobile endpoints by adopting a multi-layered security strategy including mobile threat defense and mobile app vetting. Our zLabs researchers meticulously analyzed the nature of mobile attacks, uncovering an attack surface within enterprises that requires a strategic and mobile-centered response.”

Enterprise Risk Posed by Sideloaded Apps

Along with the rise in mishing, zLabs researchers unveiled the dangers of sideloading apps – the practice of installing mobile apps on a device that are not from the official app stores. Financial services organizations saw 68% of its mobile threats attributed to sideloaded apps. In fact, zLabs researchers found that mobile users who engage in sideloading are 200% more likely to have malware running on their devices than those who do not. Riskware and trojans, applications that disguise themselves as legitimate apps, are the most common malware families found. APAC outpaced all regions in sideloading risk, with 43% of Android devices sideloading apps.

Surging Platform Vulnerabilities

When it comes to platform vulnerabilities, 2023 witnessed a surge in identified Common Vulnerabilities and Exposures (CVEs) among both Android and iOS. The zLabs research team detected 1,421 CVEs in Android devices tested, representing a 58% increase from 2022. Sixteen of these vulnerabilities were exploited in the wild, which means they were exploited within the real world, rather than test environments. iOS devices tested saw 269 CVEs, representing a 10% increase, 20 of them being exploited in the wild.

The data underscores that iOS and Android devices are not inherently secure, with both platforms seeing significant vulnerability increases. Despite frequent updates—24 for Android and 35 for iOS in 2023—enterprises are finding it difficult to manage updates across all devices, highlighting the need for proactive mobile security strategies beyond platform updates.

“Mishing attacks and mobile malware are increasingly evading detection, often going unnoticed by businesses,” said Chris Cinnamo, Senior Vice President of Product Management, Zimperium. “To effectively navigate this evolving mobile threat landscape, enterprise security teams must prioritize the attacks specifically targeting employee mobile devices. Without proactive measures, these attacks will continue to weave into enterprises, exploiting the sensitive data and disrupting organizational operations.”

Other Key Findings:

The number of enterprise devices connected to unsecured networks increased by 45%

A mobile device connects to a risky network 17 times in the span of a year, on average

Microsoft was the most phished brand, representing 23% of imitated phishing sites

These findings all point to a single truth: protecting mobile devices is not optional – it is the cornerstone of digital security. By establishing a robust mobile security strategy, enterprises can close the gaps within their workforce, strengthen their mobile security posture, and reduce the risk of a business-disrupting cyberattack.

Ransom attacks in the cloud are a perennially popular topic of discussion in the cloud security...
Talent and training partner, mthree, which supports major global tech, banking, and business...
Cloud-native organisations to gain full understanding over every identity in the cloud, secured...
MSSPs identify regulatory compliance as additional factor as organisations seek to shift...
Orange Business (Norway), a global leader in digital services, has selected ARMO’s advanced...
Gigamon and Exclusive Networks have expanded their existing distribution partnership, broadening...
Trustwave and Cybereason have announced a definitive merger agreement offering a comprehensive and...
FortiDLP’s unified approach to data protection enables enterprise organizations to anticipate and...