Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

    Security Awareness Training Blog

    Mobile Devices Rise as a Top Attack Vector for Cybercriminals; Malware and Phishing Remain Primary Concerns

    Cybercriminals are using every means available to reach their victims. According to Verizon’s latest data, attacks on mobile devices are increasing while security efforts fall behind.

    When Verizon says jump, Security professionals had better say “how high”. And, in 2019, a focus on mobile is critical. According to Verizon’s recent Mobile Security Index 2019 report, 51% of “sophisticated actors” are targeting both mobile devices and desktops, putting more entry points at risk.

    It appears that this tactic is working; the percentage of organizations confirming a mobile device introduced unnecessary risk or was involved in a data breach in 2018 rose to 33 percent in 2018; a 22% increase from the previous year. This has 83% of organizations concerned about mobile threats, and the need to deploy stronger mobile security.

    According to the report:

    • 85% said mobile device security needs to be taken more seriously
    • 67% said mobile security isn’t on par with other devices
    • 46% of those organizations that sacrificed security admitted to suffering a compromise

    So, what tactics are working on mobile?

    It turns out, much the same as on traditional endpoints. According to the report, malware and phishing top the list of threat tactics used on mobile.

     

    malware

    Source: Verizon

    What makes this data interesting is that Phishing is marked as being a “user behavior-based” tactic, but malware is “app based”. Malware doesn’t get on a device on its own; social engineering is used to trick device users into clicking links, installing apps, and engaging in an attackers campaign. This puts the top three (as ransomware equally fits the mold) as needing to involve the user to be impactful.

    An organization’s greatest asset in this case is to employ Security Awareness Training as a means to inform users on the tactics used, how to spot them, and how to avoid becoming a victim – lowering the risk the mobile device presents to the organization.

     

    Return To KnowBe4 Security Blog

    Request A Demo: Security Awareness Training

    products-KB4SAT6-2-1New-school Security Awareness Training is critical to enabling you and your IT staff to connect with users and help them make the right security decisions all of the time. This isn't a one and done deal, continuous training and simulated phishing are both needed to mobilize users as your last line of defense. Request your one-on-one demo of KnowBe4's security awareness training and simulated phishing platform and see how easy it can be!

    Request a Demo!

    PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

    https://www.knowbe4.com/kmsat-security-awareness-training-demo

    Topics: Phishing

    Stu Sjouwerman

    ABOUT STU SJOUWERMAN

    Stu Sjouwerman (pronounced “shower-man”) is the founder and CEO of KnowBe4, Inc., which hosts the world’s most popular integrated security awareness training and simulated phishing platform, with over 54,000 organization customers and more than 50 million users. A serial entrepreneur and data security expert with 30 years in the IT industry, Stu was the co-founder of Inc. 500 company Sunbelt Software, a multiple award-winning anti-malware software company that was acquired in 2010.

    Read more from Stu »

    Subscribe to Our Blog


    Security Awareness Training
    Blog RSS Feed
    Comprehensive Anti-Phishing Guide
    All Posts

    Posts by Tag

    See all

    Posts By Topic

    View All

    Get the latest about social engineering

    Subscribe to CyberheistNews