A recent survey by Lookout, Inc. warns for a specific attack vector as Labor Day approaches. The study shows that 85% of enterprise employees capable of remote work plan to do so on Friday, September 1, primarily using mobile devices.
This creates an ideal environment for hackers to launch targeted phishing attacks. The risk is exacerbated by the fact that 80% of respondents admit to being more relaxed and distracted when working remotely on Fridays during the summer. Additionally, 68% are more likely to use personal devices for work, and 13% have fallen for phishing scams while working from home.
Alarmingly, 21% of employees stated they would continue working as usual even if they fell victim to a phishing attack, and 9% would wait until after the weekend to report it. With 65% of employees saying they would quit if remote work policies changed, stopping remote work isn't an option for companies.
Aaron Cockerill, Executive VP of Product at Lookout, emphasized that the use of personal devices for work significantly increases phishing risks. He urged businesses to adapt their defenses and technology to mitigate these risks.
The survey builds on Lookout's 2022 Global State of Mobile Phishing Report, which found that over 50% of personal devices were exposed to mobile phishing attacks every quarter. The report also highlighted that organizations in regulated industries like insurance, banking, and healthcare are most targeted.
To safeguard against these threats, organizations should implement consistent policies based on zero-trust principles. Continuous validation of users and data is crucial. Companies should also focus on protecting all devices, including mobiles, from phishing attacks. Advanced context-aware data protection strategies that allow, limit, or deny access based on various factors like location and device type are essential for minimizing risks like data leakage and unauthorized access to sensitive data.
And of course, step those users through frequent new-school security awareness training.