SMiShing is a Growing Mobile Phishing Threat Vector (That Needs Your Attention)
Protecting mobile users from today’s phishing threats is
a huge and growing challenge for IT security teams. Employees increasingly rely
on mobile devices as part of their everyday business and personal tasks. And
with the popularity of mobile BYOD, unclear security policies, lack of
full-time VPN tunneling, and relatively poor protections on mobile, users of
these devices are at higher risk of mobile phishing threats.
Here are some additional stats to ponder from Verizon’s
2020 Mobile Security Index report:
- 54% of companies were less confident about the
security of their mobile devices than that of their other systems - 15% of enterprise users (18% in the U.S.)
encountered a mobile phishing link in Q3 2019 - 21% of organizations that were compromised said
that a rogue or unapproved application had contributed to the incident - 39% of companies suffered a mobile-related
security compromise - 31% of devices were found to harbor known
threats, based on MobileIron data - 45% of organizations said that their defenses
are falling behind attackers’ capabilities - 85% of attacks seen on mobile devices now take
place via mediums other than email
These statistics are too compelling to ignore if you’re
responsible for corporate security!
While email remains the most popular overall phishing
attack vector, an increasingly common (and dangerous) attack vector is SMS
phishing for mobile devices. These attacks – often called SMiShing – are
initiated in the form of a text message disguised as a communication from a
trusted brand such as a bank or payment service, or even a trusted person, and
frequently uses a disguised link. People tend to respond to text messages much
quicker and with less thought than email, and their screens can hide important
clues about the web pages they visit, making SMiShing a very effective, and
thus dangerous, attack vector.
Further complicating matters is that phishing protections
on iOS and Android devices is almost non-existent, putting users and
organization at increased risk of SMiShing attacks. With SlashNext, however,
malicious SMS/text messages are accurately identified and quarantined,
protecting users from taking the bait. Our native iOS and Android apps provide
heavyweight mobile protection yet feature lightweight memory consumption and
negligible battery usage.
Today’s reliance on mobile devices as a business tool
means that it’s time to take mobile phishing protection seriously! Our Mobile Phishing
Protection protects iOS and Android device users, and our Browser Phishing
Protection comes as lightweight browser extensions that augment
endpoint security solutions on Windows, MacOS, Chrome OS, and Linux machines
operating both inside and outside the network perimeter. Both solutions provide
the industry’s strongest remote user
phishing protection against zero-hour threats, regardless of how
users are phished.
To find out how you can protect your mobile workforce
from sophisticated phishing and social engineering attacks, contact us to see a
demonstration
of our anti-phishing and IR solutions.
*** This is a Security Bloggers Network syndicated blog from SlashNext authored by Lisa O'Reilly. Read the original post at: https://www.slashnext.com/blog/smishing-is-a-growing-mobile-phishing-threat-vector-that-needs-your-attention/
