Wandera Report Finds Phishing Attacks are Moving to Mobile Messaging and Social Apps at an Alarming Rate

Report Also Reveals Mobile Users are 18x More Likely to be Phished Than to Download Malware


SAN FRANCISCO, May 08, 2018 (GLOBE NEWSWIRE) -- Mobile security specialist Wandera has released a study on mobile phishing attacks that underlines just how valuable a corporate mobile device is to today’s cyber criminalsand how phishing is the primary technique being used to exploit them.

Mobile phishing on the rise
Phishing is the number one mobile threat affecting organizations. New research in Wandera’s Phishing Report 2018 shows that mobile users are 18x more likely to be phished than to download malware, and that 4000 new mobile phishing websites are launched every day.

Corporate devices hold a vast array of data for attackers to target. While many apps are authenticated with single sign on services like Okta and OneLogin, many employees make use of their own user credentials or Facebook and Google logins. The average iOS user has 14 different accounts on their work phone, typically including services such as Amazon, Paypal and AirBnb. On Android, there are even more for the phishers to steal, with the average user having apps requiring 20 unique logins.

“Our research shows that phishers are increasingly leveraging brands that have over a billion users and a higher difficulty to breach. The price of such credentials on the dark web are increasing in price suggesting they are in higher demand,” said Michael Covington, VP of Product Strategy at Wandera.

The growth in mobile phishing

  • The average mobile user is 18x more likely to encounter a phishing attack than a malware attack
  • A new mobile phishing page is launched every 20 seconds. That’s more than 4,000 new phishing sites per day
  • 5% of all successful mobile phishing attacks take place on dating apps
  • 90% of cyberattacks start with a phishing attack *1
  • Users are 3x more likely to fall for phishing on mobile *2 than desktop

The applications where mobile phishing attacks originate 3
*A huge growth in mobile/social media phishing

Messaging(17.3%)+170% increase on 2017
Social media(16.4%)+102% increase on 2017
Dating(6.2%) 
Gaming(11.3%) 
Email(15.4%) 
Sports(6.2%) 
News and weather(3%) 
Productivity(10.2%) 
Travel(2.1%) 
Ecommerce(5.3%) 
Music(1.3%) 
Food and drink(2.2%) 
Finance(1%) 
Health and fitness(2.1%) 

The top 5 apps for messenger phishing

  1. Messenger (inbuilt iOS/Android)
  2. WhatsApp
  3. Facebook Messenger
  4. LINE
  5. Viber

Top 10 brands targeted by phishing attacks

1.  Facebook
2.  Apple
3.  Google
4.  Amazon
5.  Paypal
6.  Government sites
7.  Microsoft
8.  Fox News
9.  Dropbox
10. WhatsApp

Zero-day phishing protection
Solutions available on the market now rely on existing logs of phishing domains to enforce blocks. Wandera has advanced MI:RIAM’s phishing algorithm with next-generation machine learning to proactively seek out, recognize, and block phishing attacks before they hit their first ‘patient zero’. The zero-day phishing algorithm is complex, and relies on a variety of input factors to determine if a web page is in fact malicious. Numerous points of data are analyzed and taken together to generate a risk score which ultimately determines if the page is flagged and blocked the moment it is discovered.

About Wandera
Wandera is the experts' choice in mobile security. This year, Wandera was awarded SC Magazine's Mobile Security Solution of the Year and recognized by the leading analysts covering the Mobile Threat Defense category. Wandera has the deepest visibility into data coming in and out of mobile devices and apps. The industry's largest mobile dataset is analysed in real-time by cloud intelligence engine MI:RIAM. Wandera is the only solution that gives security leaders the ability to manage risk and prevent threats in enterprise mobility. Founded in 2012, Wandera protects hundreds of global enterprise customers and is headquartered in London and San Francisco. For more information visit wandera.com

References

1. http://www.verizonenterprise.com/verizon-insights-lab/dbir/
2. https://securityintelligence.com/mobile-users-3-times-more-vulnerable-to-phishing-attacks/
3. Wandera Mobile Phishing Report 2018


            

Kontaktdaten