Lookout mobile phishing report shows a 37% increase in enterprise mobile phishing attacks

Lookout’s 2020 mobile phishing report shows a 37% increase in enterprise mobile phishing encounter rate between the 2019 Q4 and Q1 of 2020. The report also indicates that un-mitigated mobile phishing threats could cost companies with 10,000 mobile devices as much as $35 million per occurrence and up to $150 million for companies with 50,000 mobile devices.

The Lookout mobile phishing report shows the various ways cybercriminals use to make their mobile phishing attacks more lucrative, and provides data on global encounter rates and the likely financial risk per occurrence. The phishing encounter rates are divided down by area, and by consumer and enterprise, to provide a broad understanding of the current state of mobile phishing attacks.

Following are the Key highlights from the Lookout Mobile Phishing Report include:

Enterprise phishing encounter rates tracked quarterly show sequential increases of 37.1 percent globally as well as increases of 66.3 percent in North America, 25.5 percent in EMEA and 27.7 percent in Asia Pacific.
Examples of the potential financial risk of up to $150 million per incident due to unmitigated phishing risks for healthcare, manufacturing and legal organizations.
Research synopsis of a real-world phishing campaign that targeted over 4,000 North American banking customers.
Examples of phishing attack delivery by a wide variety of mobile apps including SMS, social media and messaging apps in addition to email.
Best practices for organizations of any size to protect against and detect mobile phishing attacks.

Due to the lockdown and pandemic crisis, most of the people working remotely is at a record high. To stay productive and complete the task, many employees have turned to their smartphones and tablets. Phishing has been the most usually used method for hackers to infiltrate a company, and businesses have used user practice and email phishing security to combat cybercriminals. But with mobile devices, phishing risks no longer hide in email, but in SMS, messaging apps, and social media platforms. In addition, with a smaller form factor and simplified user experience, mobile devices also make it harder to spot the tell-tale signs of a phishing link – enabling a higher success rate for the cybercriminals attacking mobile compared to desktop devices.

“Smartphones and tablets are trusted devices that sit at the intersection of their owner’s personal and professional identity,” said David Richardson, vice president of product management at Lookout. “Cybercriminals are exploiting the ability to socially engineer victims on their mobile device in order to steal their credentials or sensitive private data.”

“Smartphones and tablets are trusted devices that sit at the intersection of their owner’s personal and professional identity, Cybercriminals are exploiting the ability to socially engineer victims on their mobile device in order to steal their credentials or sensitive private data.”
said David Richardson, vice president of product management at Lookout.