Mobile Phishing Attacks Targeting Enterprises Surge, Zimperium Researchers Find
September 2024 by Zimperium
Zimperium announced the release of its 2024 Global Mobile Threat Report, which highlights critical mobile threat trends from the past year. The zLabs researchers uncovered a significant rise in “mishing” – also known as mobile targeted phishing – a technique that employs various tactics specifically designed to exploit vulnerabilities in mobile devices and users. Notably, the report reveals that 82% of phishing sites now target mobile devices. As cybercriminals increasingly adopt a “mobile-first” attack strategy, they leverage a multitude of techniques to infiltrate enterprise systems by targeting weak, unsecured, and unmanaged mobile endpoints, recognizing mobile as a major entry point to corporate networks and sensitive data.
Mishing – A Top Threat Facing Businesses
Cybercriminals are crafting their attacks to exploit the trust employees generally have in their mobile devices. The zLabs researchers found that 76% of phishing sites targeting enterprises are using HTTPS, a secure communication protocol that leads victims to believe the website on their device is legitimate. Employees are less likely to notice these phishing attempts because of their smaller screen sizes and less visible security indicators, such as hidden URL bars.
The success of mishing sites lies in their hit-and-run approach, where cybercriminals can launch deceptive domains rapidly, then have them disappear before they are ever detected, creating significant challenges for CISOs and their teams. The researchers found that around one-quarter of mobile phishing sites become operable less than 24 hours after their creation, launching malicious activities almost immediately.
“It is undeniable that mobile devices and applications have become the most critical digital channels to protect in our organizations,” said Shridhar Mittal, Chief Executive Officer, Zimperium. “In today’s digital age, where 71% of employees leverage smartphones for work tasks, enterprises must effectively protect their mobile endpoints by adopting a multi-layered security strategy including mobile threat defense and mobile app vetting. Our zLabs researchers meticulously analyzed the nature of mobile attacks, uncovering an attack surface within enterprises that requires a strategic and mobile-centered response.”
Enterprise Risk Posed by Sideloaded Apps
Along with the rise in mishing, zLabs researchers unveiled the dangers of sideloading apps – the practice of installing mobile apps on a device that are not from the official app stores. Financial services organizations saw 68% of its mobile threats attributed to sideloaded apps. In fact, zLabs researchers found that mobile users who engage in sideloading are 200% more likely to have malware running on their devices than those who do not. Riskware and trojans, applications that disguise themselves as legitimate apps, are the most common malware families found. APAC outpaced all regions in sideloading risk, with 43% of Android devices sideloading apps.
Surging Platform Vulnerabilities
When it comes to platform vulnerabilities, 2023 witnessed a surge in identified Common Vulnerabilities and Exposures (CVEs) among both Android and iOS. The zLabs research team detected 1,421 CVEs in Android devices tested, representing a 58% increase from 2022. Sixteen of these vulnerabilities were exploited in the wild, which means they were exploited within the real world, rather than test environments. iOS devices tested saw 269 CVEs, representing a 10% increase, 20 of them being exploited in the wild.
The data underscores that iOS and Android devices are not inherently secure, with both platforms seeing significant vulnerability increases. Despite frequent updates—24 for Android and 35 for iOS in 2023—enterprises are finding it difficult to manage updates across all devices, highlighting the need for proactive mobile security strategies beyond platform updates.
“Mishing attacks and mobile malware are increasingly evading detection, often going unnoticed by businesses,” said Chris Cinnamo, Senior Vice President of Product Management, Zimperium. “To effectively navigate this evolving mobile threat landscape, enterprise security teams must prioritize the attacks specifically targeting employee mobile devices. Without proactive measures, these attacks will continue to weave into enterprises, exploiting the sensitive data and disrupting organizational operations.”
Other Key Findings:
● The number of enterprise devices connected to unsecured networks increased by 45%
● A mobile device connects to a risky network 17 times in the span of a year, on average
● Microsoft was the most phished brand, representing 23% of imitated phishing sites
These findings all point to a single truth: protecting mobile devices is not optional – it is the cornerstone of digital security. By establishing a robust mobile security strategy, enterprises can close the gaps within their workforce, strengthen their mobile security posture, and reduce the risk of a business-disrupting cyberattack.
Methodology
To thoroughly assess the impact of the security trends highlighted in this year’s report, Zimperium analyzed an anonymized dataset of mobile devices protected by Zimperium Mobile Threat Defense, Advanced App Analysis, and zDefend. This detailed analysis reviewed data from the past year, covering a range of devices worldwide on both iOS and Android-operated systems.