Recent data from Lookout’s The Global State of Mobile Phishing report reveals that mobile devices are increasingly becoming a popular attack vector for phishing, and the devices’ prevalence is because the attacks are working, with users falling for them. The report showed that in 2022, more than 50% of all mobile devices were exposed to a mobile attack. In the enterprise, 21% of users have experienced mobile phishing attacks; in the US alone, 36% of users have encountered this type of attack.
Furthermore, the report also indicates that the percentage of users engaging with six or more phishing emails on enterprise devices continuously increased from 1.6% in 2020 to 11.8% in 2022, over six times its original figure. This increase is far less staggering on personal devices, but it is still alarming as it indicates a 93% increase in users who have clicked on six or more phishing links since 2020.
All these data suggest that mobile devices are becoming popular with attackers. Personal devices are more prone to attacks since users tend to use them remotely with less focus on protecting the organization. Therefore, Security Awareness Training is critical to educate users on the need to be vigilant regardless of the device and help organizations remain protected against attacks.
Security Awareness Training should focus on how to identify malicious links, how to protect personal and organizational data, and how to recognize phishing attacks. Additionally, it is essential for organizations to ensure that their employees are aware of the latest security trends and understand the importance of using secure passwords. All users should be informed about the risks associated with using mobile devices for work-related tasks and how to protect themselves from security threats. By educating users on these topics, organizations can drastically reduce their risk of falling victim to cyberattacks.