With organizations heavily focusing on protecting the corporate endpoint, cybercriminals are switching focus onto mobile devices where users are more prone to fall for their social engineering tactics.
We consume so much content from people you don’t personally know that it’s not part of your everyday process to stop and be critical of what’s being presented to you. And that’s exactly what cybercriminals are taking advantage of.
According to security vendor Zimperium’s 2023 Global Mobile Threat Report, text-based phishing attacks are not only on the rise, but there are examples of how the cybercrime ecosystem is responding to the “need” and making it easier for such attacks to take place.
- Between 2021 and 2022 (the time frame covered in the report), the total number of mobile malware samples detected increased by 51%
- During 2022, an average of 77,000 unique malware samples were discovered each month
- Zimperium detected an average of 2,000 pieces of “zero day” malware weekly
- 80% of phishing sites now either target mobile devices specifically or are designed to function on both mobile and desktops
The reason why this growth is occurring is purely because mobile device users are far more likely to engage with attack content than if they were on a traditional endpoint. Think about the magnitude of the headline of this article; if a user was just 8% likely to click on a malicious link on an endpoint, they are as much as 80% likely to click on the same link when presented on a mobile device. That’s a huge difference!
And with 73% of organizations that experienced a mobile-related compromise described it as a “major” breach, it means that these kinds of attacks are as serious as their endpoint-focused counterparts. And with the heightened risk of user engagement, it’s absolutely necessary that users be enrolled in new-school security awareness training to educate them on the kinds of attacks and social engineering being used, how to spot it, and how to ensure they don’t participate by engaging with the malicious content.
KnowBe4 enables your workforce to make smarter security decisions every day. Over 65,000 organizations worldwide trust the KnowBe4 platform to strengthen their security culture and reduce human risk.
New-school Security Awareness Training is critical to enabling you and your IT staff to connect with users and help them make the right security decisions all of the time. This isn't a one and done deal, continuous training and simulated phishing are both needed to mobilize users as your last line of defense. Request your one-on-one demo of KnowBe4's security awareness training and simulated phishing platform and see how easy it can be!
