Mobile Device Phishing Has Skyrocketed 85% Every Year Since 2011
By: Jim Stickley and Tina Davis
May 14, 2019
There’s not a whole lot of good news for mobile device users when it comes to email phishing. Researchers from Lookout found a steep uptick in email phishing with 85% growth every year for the past 8 years. This jump should concern all who use mobile devices on a daily basis--except for the hackers who benefit from that increase, of course. It’s survival of the cyber-fittest and mobile users need to be at the top of their games to ensure that they, and not the hackers, are victorious.
There is no shortage of statistics on email phishing as attacks continue to evolve and strengthen. According to a 2018 Symantec report, 54.6% of all email is spam, with the average user receiving 16 malicious spam emails per month. But when it comes to mobile devices, findings by Wandera show more than 57% of all internet traffic comes from mobile devices, with 48% of phishing attacks happening on those devices. The findings also show users are 3x more vulnerable to email phishing on mobile devices, compared to their desktop counterparts.
Wandera also finds that every 20 seconds, a new phishing site is created, adding over 4,000 new mobile phishing pages every day. With the odds stacked against mobile users, cybersecurity experts take a closer look at the current state of mobile device phishing and offer suggestions to avoid getting caught up in the evolving issue.
- Use Antivirus Software. Even though smartphones are kept updated with security patches by the manufactures, antivirus adds another layer of protection. It will alert you to malicious activity on your device and block it from attack. Make sure to keep it up to date!
- Use a VPN (Virtual Private Network). VPN’s encrypt your data and online activity, helping to keep it from being hijacked and used by hackers. Since using public Wi-Fi is risky–especially when using the device for banking or online purchases–a VPN also stops hackers from monitoring your activity and from sending links to malicious websites.
- Use caller ID. Since smartphones are used for vishing (voice phishing), callers claiming to be from the IRS, your bank, or from those telling users they won a contest, vishing calls are designed to drag more PII (Personally Identifiable Information) out of you. Hackers use PII to perpetrate identity theft and other crimes. Keep tight lipped and don’t tell them anything. Just hang up.
- Use apps only from the official Google Play Store or Apple App Store. Although both sites actively look for bogus apps containing malware in their stores, they don’t get them all. However, sideloading apps on mobile devices from third-party sites is an open invitation to a malware disaster.
- Use mobile device locking options. Set your device to lock quickly after your last use. There are options to choose how fast a device will automatically lock when not in use. Since fingerprints and facial recognition can be hacked, creating a strong unlock-password using numbers is best.