Your organization’s most vulnerable points of attack are no longer desktops — they’re in the pockets of your employees. Virtually everyone has a mobile device. And, even on the job, we use them for a multitude of tasks.
As a result, our devices are packed with critical information, making them rich targets for cybercrime. That crime comes at a high cost. A single breach can provide attackers the credentials they need to gain direct access to the cloud applications at the heart of your network.
The 2024 Verizon Mobile Security Index Report sheds light on the evolving risks to your operation and offers the critical insights and statistics you need to future-proof your security stack. Here, we explore five key findings from the report that organizations need to consider.
Insight #1: 85% of respondents say risks from mobile threats have increased in the past year.
In the years since Verizon began producing the Mobile Security Index Report, the number of mobile devices — and the attacks on them — have risen dramatically. So has awareness of mobile’s vulnerability. Just a few years ago, many people thought mobile devices were inherently more secure than desktops and laptops. Today, the vast majority of respondents recognize mobile device threats are a growing problem. Many have learned the hard way. More than half of those surveyed have experienced security incidents firsthand.
The increased awareness couldn’t come at a more critical time. Lookout’s recent Mobile Landscape Threat Report shows that the first quarter of 2024 was defined by a massive jump in social engineering crimes, as well as attacks targeting multi-factor authentication (MFA) solutions, and one of the largest healthcare breaches ever. There was a nearly threefold increase in phishing, malicious, denylisted, and offensive links delivered to mobile devices.
Insight #2: 25% of mobile users tapped on at least one phishing link in every quarter of 2023.
Cyberattacks usually begin at the most vulnerable point of access.That’s where the human factor comes in. Social engineering –– phishing in particular –– takes advantage of the fact that, at work and in our daily lives, we do so much with our phones that we’re frequently distracted when we’re on them. We’re always one distracted tap away from giving attackers access to our devices. And our critical data.
To find out just how vulnerable your employees may be to such an attack, check out our free SMS Phishing Assessment.
Insight #3: 64% believe they are at significant or extreme risk from mobile threats.
More and more people are concerned about the security of their devices. And that’s a good thing. The threats are real, the fears are valid, and the schemes are becoming increasingly difficult to spot.
Mobile devices are inherently more vulnerable to cyberattacks. Because they have smaller screens, it’s easy for attackers to create trustworthy-looking messages, and it’s much harder for users to tell if they are being targeted. Some attackers are even building carbon copies of organizations’ single sign-on (SSO) pages to convince targets to share information like usernames, passwords, and more. Even those with a keen eye could mistake these pages for the real thing and hand over their credentials.
Insight #4: 88% believe AI-assisted cybersecurity solutions will become increasingly important in the future.
According to another Verizon publication, the 2024 Verizon Data Breach Investigations Report, it doesn’t appear that cybercriminals have begun to use AI to launch attacks at scale. But there’s little doubt they’re experimenting with generative AI, honing their skills, and preparing for the day when they’ll use it to code malware more quickly and increase the volume of effective, targeted phishing attacks.
In fact, according to the Verizon Mobile Security Index Report, you can expect the volume of AI-enhanced attacks to increase over the coming year. You may not detect the change –– the impact will be subtle at first. Eventually, the report notes, everyone from sophisticated nation-states to criminal syndicates and solo actors will adopt AI.
AI-guided attacks will require solutions that fight fire with fire. That’s why the foundation of Lookout Mobile Endpoint Security is our AI and machine learning (ML) technology, which ensures you keep pace with the constantly evolving threat landscape. We use a big-data approach to automate security analysis and decision-making processes.
To power our engine, we've amassed the world's most extensive mobile threat dataset, comprising telemetry from more than 215 million devices and 300 million apps, and insights from more than 410 million URLs.
Insight #5: 77% of respondents believe AI-assisted attacks like deepfakes and SMS phishing are likely to succeed.
Simply put, deepfakes are video or audio recordings that manipulate a person's likeness, making them appear to do or say something they didn’t do or say. The AI technology to create deepfakes is widely available. It’s not only being used to spread false information, it’s playing a key role in cybercrime and scams.
One stunning example of the deepfake threat involved a finance worker at a multinational firm in Hong Kong. The worker was tricked into attending a video call with “coworkers.” Everyone on the call, except for the targeted worker, turned out to be a deepfake –– a video re-creation. Believing everyone else on the call was real, the worker agreed to remit $25 million.
High profile individuals like CEOs and CFOs are particularly appealing targets, and attackers use a precision mobile phishing tactic called spear phishing to trick these individuals into granting access to sensitive resources.
How Lookout Mobile Endpoint Security can help
The 2024 Verizon Mobile Security Index Report underscores the critical need for enhanced mobile security measures. As mobile threats continue to evolve, leveraging advanced solutions like Lookout Mobile Endpoint Security can help protect your organization from potential breaches and disruptions. Stay informed, stay secure, and ensure your mobile security strategy is up to date with the latest insights and technologies.
To learn more about the evolving mobile threat landscape, watch Lookout’s webinar with Verizon, The Modern Kill Chain: How Attacks Have Gone from Months to Mintues. You’ll learn about the evolution of the traditional cyber kill chain and the key capabilities you need to defend your organization against modern breaches.
Book a personalized, no-pressure demo today to learn:
Discover how adversaries use non-traditional methods for phishing on iOS/Android, see real-world examples of threats, and learn how an integrated security platform safeguards your organization.
The Modern Kill Chain: How Attacks Have Gone From Months to Minutes
Join experts from Lookout and Verizon to learn why breaches are now happening in minutes, not months.