Mobile Phishing – 3 Key Developments Everyone Should Know
Mobile Phishing is gaining momentum – Learn the risks and how to safeguard your company data
Internet phishing is not a new threat. It has existed for many years in many different forms, constantly evolving in response to technical trends. Therefore, it is essential that companies and their phishing detection and protection solutions are also able to adapt to changes. Recently Cofense (the company formerly known as PhishMe) and Proofpoint published their annual phishing reports. Cofense’s ‘The State of Phishing Defense’ and Proofpoint’s ‘State of the Phish’ are widely regarded as credible sources on the current trends in both phishing campaigns and enterprises’ ability to defend against such attacks. Not surprisingly, mobile features prominently in both reports. Below, we outline three key takeaways from the reports related to mobile phishing.
Look beyond email
One of the main points outlined in Cofense’s report is sensible risk management. It states that companies should know where their vital assets are, and which types of attacks pose the greatest threats. In short, businesses should focus protection efforts on what matters most to them. Smartphones and tablets now account for over 60% of all smart connected consumer devices. It is clear that focus should be shifting towards mobile. While email remains the easiest and most frequent attack vector, other social engineering techniques specific to mobile are beginning to increase rapidly.
The 2018 Proofpoint User Risk Report found that 90% of 6000 working adults surveyed had a smartphone, with 39% using these devices for a blend of work and personal activities. More employees are accessing corporate data via mobile devices. Many cyber criminals use methods such as pretexting, vishing (voice phishing), and smishing (SMS phishing) to penetrate company defences. It is clear that security focus also needs to shift towards mobile.
At Corrata we understand that mobile devices have become essential to our everyday lives both at work and at home. While their increased use for work has allowed employees more convenience for greater innovation, new avenues for cyberattacks have also emerged. As well as methods like smishing and vishing as outlined by Cofense, we have also seen a rise in phishing attacks using online messaging services such as WhatsApp, social media sites like Facebook and Instagram, and apps downloaded to the device from both official and unofficial app stores.
In response to this, Corrata was developed specifically to extend the security usually afforded to desktops to mobile devices. Our Security and Control solution detects and prevents access to phishing attacks on every platform, including email and vectors specific to mobile, ensuring that businesses are fully protected where it matters most as enterprise mobility continues to grow.
Attacks constantly evolving
One of the greatest difficulties posed by phishing threats today is their ability to quickly adapt in response to changes in technology and cyber security solutions. Due to the real-time, constantly connected nature of mobile, phishing campaigns are constantly evolving. In many cases, hackers create, deploy, engage, and dissolve attacks in as little as a single day. Businesses and internet users must be constantly aware of new emerging ‘Zero Day’ attacks. But, with over 46,000 new phishing sites created per day, and the majority online and active for little more than 4 to 8 hours, this is becoming more and more difficult. Where human knowledge fails, users usually rely on anti-phishing and other cyber security software to detect and protect from attacks.
Security must adapt
However, Cofense highlights the shortcomings of the ‘known bad’ approach in their report. Security solutions designed to fight existing or known threats create gaps in the cyber security landscape that hackers are happy to exploit. By publishing phishing sites online for such short periods of time before moving to entirely new hosting servers, attackers allow the threat to do its damage. It can then move on before it can even be detected, rendering the security software essentially useless. It is in these initial few hours, before threat intelligence feeds can be updated, that mobile devices are most vulnerable and security solutions are most needed to detect and respond to threats.
A major breakthrough in detecting Zero Day phishing attacks in real time is the development of machine learning solutions. Solutions like Corrata’s SafePathML use continuous learning from datasets of malicious and safe domains to accurately assess whether domains are credible. Similarly, they detect threats even before the wider cyber security community uncovers them. Working with existing intelligence databases while also detecting these Zero Day attacks protects mobile devices from all phishing attacks.
Visibility is crucial
You cannot defend against attacks you cannot see. One of the main messages highlighted in Cofense’s report is that visibility is core to any security operation. What’s more, businesses cannot mitigate an attack if they have no knowledge of its existence. A lack of comprehensive visibility, increased layers of technology, and poor employee awareness can obscure the threat of phishing attacks.
In their 2019 Report, Proofpoint found that many employees lacked an understanding of basic cyber security terms, particularly those related to mobile, and were therefore unable to actively defend themselves from attack. For example, 66% of respondents were able to correctly describe ‘phishing’. However, only 23% were able to explain ‘smishing’ and only 18% could correctly describe ‘vishing’. End users play a significant role in the battle against phishing by recognising threats as they arise. However, this cannot be expected without effective security awareness training.
Visibility in threat solutions
Visibility is also a crucial element in anti-phishing software solutions. This is one of the main elements of Corrata’s Security and Control solution. Unlike other solutions, Corrata probes deeper to see the metadata relating to all device network activity across multiple layers and protocols. These include Wi-Fi, cellular, IP, TCP, and HTTP. At this granular level, we analyze 1000s of discrete data points per device per day. This allows us to see and respond in real time to even the latest phishing attacks.
The ability to detect and protect from attacks as they occur is quickly becoming an essential aspect of enterprise security. With enterprise mobile usage growing so rapidly, it is no surprise that phishing attacks are focusing on mobile platforms. This leaves security and defense solutions with no other option but to follow suit.