Mobile Phones Aren’t Safe from Phishing Attacks

In today’s day and age, we don’t go anywhere without our phones. Especially during the pandemic, we rely on our mobile devices to connect with family and friends. However, a 2020 study from the cloud security company Lookout suggests that our mobile devices are not as safe as we think.

According to Lookout, mobile phishing attacks grew 37% from Q4 2019 to Q1 2020, with much of this growth attributed to new attacks related to COVID-19. These attacks come from many mobile channels, including social media apps, gaming apps, banking apps and messaging services.

Common Mobile Phishing Attacks:

• URL Padding: The hacker uses a real and recognizably safe domain up front but then adds hyphens or other characters to conceal the malicious domain.
• Man-in-the-Middle Attack: A user receives a message from a trusted organization asking them to log in via their browser and verify account details. The link leads them to a malicious site that looks exactly like the organization’s real website.
• Overlay Attack: The attacker delivers a fake login screen inside the mobile app, placing the fake screen on top of the real screen.

While people are primed to receive phishing attacks on their desktop and laptop computers, they generally feel safer when using a mobile device. Regardless of what device you use, it’s important to stay vigilant online and think before you click. 

Stop cyberattacks in their tracks with YYTECH’s Security Awareness Training. Our training solution showcases best practices for a company’s first line of defense — its employees — and teaches them how to detect and prevent cyberattacks.

Learn more about how Security Awareness Training can help to protect your organization.