image

Advertorial: Most data compromises begin the same way, a phishing attack.

maandag 6 januari 2020, 09:46 door Redactie

The reliance on mobile phones in the workplace has facilitated an increase in cybersecurity threats that many enterprises are not equipped to handle. Employees work differently now, accessing sensitive corporate data from their mobile devices while on the go, at airports, on public transport, or at off-site meetings.

Cyber opportunists have taken note and have started focusing their attacks on iOS and Android devices via phishing, messaging applications, jailbroken devices, and network-based attacks; beyond the corporate perimeter, where enterprise security isn’t protecting the user.

To put things in context, 88% of credential theft is achieved from a phishing link (Phishlabs) and Lookout research identified mobile users are 300% more likely to click a phishing link than desktop users. Often, even for a trained security professional, identifying phishing on mobile is extremely difficult to spot with the naked eye. Try it!

Small screen sizes on mobile devices make it difficult for users to identify phishing attacks due to the inability to hover over hyperlinks to show destinations. Furthermore, users often don’t take the extra time to ensure content is safe due to a misguided trust in the "inherent" security of mobile devices.

Common phishing tactics used by hackers include:

  • Personal and corporate email - Attackers design an email to look and sound genuine, tricking employees into handing over sensitive data. Traditional secure email gateways block potential phishing emails and malicious URLs on corporate email but neglect personal email.
  • SMS messaging and online messaging platforms - Cybercriminals lure users to click or download malicious content on social media or instant messaging sites, by impersonating relatives or friends.
  • Business Email Compromise Cybercriminals imitate senior members of staff, often C-level executives, to trick unsuspecting employees to take action such as wiring payments or transferring funds to alternate bank accounts.
  • Malicious ad networks - Apps use URLs in their backends to communicate with other services. If a malicious URL is tapped, it could result in a person experiencing a malicious ad campaign.

In most cases, personal email and applications co-exist on the same device as corporate applications. Therefore, once the device is compromised, so is the corporate data integrity. You can learn more about how phishing threats are evolving to target enterprise data outside of the traditional firewall in the "Mobile Phishing: Myths and facts facing every modern enterprise today" whitepaper here.

Other large-scale examples of real-life phishing attacks:

Dark Caracal uses phishing messages through WhatsApp and Facebook to lure victims into clicking malicious links and downloading Android malware. The Android malware, called Pallas, then surveils the victim’s device, collecting huge amounts of data. Dark Caracal targets include governments, militaries, utilities, financial institutions, manufacturing companies and defence contractors. The types of exfiltrated data are extensive, including documents, call records, audio recordings, secure messaging client content, contact information, text messages, photos and account data.

The Pegasus surveillanceware received worldwide attention because of its severity. The operators distributing Pegasus sent victims a phishing message via SMS. If the victim clicked, it set off a chain of silent events, leading to one of the most sophisticated iOS device compromise attacks Lookout has seen. Similarly, once on the device, Pegasus monitored all the activity on the device and collected significant amounts of sensitive data.

For more in-depth information on how to identify phishing threats and prevent data leakage in your enterprise from mobile devices, register for Lookout’s upcoming webinar here.

About Lookout

Lookout is a cybersecurity company for the post-perimeter, cloud-first, mobile-first world. Powered by the largest dataset of mobile code in existence, the Lookout Security Cloud provides visibility into the entire spectrum of mobile risk. Lookout is trusted by hundreds of millions of individual users, enterprises and government agencies and partners such as AT&T, Verizon, Vodafone, Microsoft, Apple and others.