Lookout Q3: iOS Faces More Phishing Threats Than Android

Lookout, Inc., the data-centric cloud security company, released the Lookout Mobile Threat Landscape Report for Q3 2024. The report highlights insights behind a 17% increase QoQ in enterprise-focused credential theft and phishing attempts, 32% increase QoQ in malicious app detections and a trend showing iOS devices are more exposed to phishing attacks than Android devices. Lookout data also reveals commoditization of advanced malware, evolution of nation-state mobile malware capabilities and a heavy reliance on mobile-focused social engineering – key signs pointing to a new era where mobile devices must be included in the scope of today’s enterprise security strategy to defend against the modern kill chain.

CyberTech Insights and News: Cynet Achieves 100 Percent Protection & Detection in MITRE 2024

“Incorporating advanced MTD as part of a comprehensive defense strategy is critical to ensuring organizations can operate securely in a digital-first world.”

The Lookout Mobile Threat Landscape Report is based on data derived from the Lookout Security Cloud’s ever-growing AI-driven mobile dataset of more than 220 million devices, 360 million apps and billions of web items. The Lookout Security Cloud has identified 473 million phishing and malicious sites since 2019. In addition, it leverages AI to analyze data and identify malware, phishing attacks and other sophisticated network-based threats.

Lookout data for Q3 2024 also reveals:

Three significant findings from advanced persistent threat groups (APTs) based in China, Russia and North Korea.
More than 106,000 malicious apps were detected on enterprise mobile devices, which can vary widely from trojan malware to sophisticated spyware.
Lookout protected customers against 48 new mobile malware families, and customers were given enhanced protection against 85 known mobile malware families.
iOS is more popular for enterprises than Android, therefore Lookout observed iOS targeted by threat actors more often (18.4%) in phishing attacks than Android (11.4%) in Q3 2024.
Top device misconfigurations include out-of-date OS, out-of-date Android Security Patch Levels (ASPL), no device lock and no encryption.
The most critical families of mobile malware continued to lean heavily towards Android surveillanceware.
The top ten most common mobile browser vulnerabilities encountered by Lookout users affect Chromium-based browsers. Attackers target these vulnerabilities in particular in hopes users haven’t updated to patched versions.
Outside of browser vulnerabilities, the five most common mobile app vulnerabilities encountered by Lookout users were in social media, messaging and authentication apps and app stores.

The Evolution of the Modern Kill Chain and Enterprise Security Strategy

With the commoditization of advanced malware, evolution of nation-state mobile malware capabilities, and a heavy reliance on mobile-focused social engineering, organizations today must have advanced mobile threat defense as part of their security strategy. Threat actors are increasingly targeting mobile devices to steal credentials and infiltrate the enterprise cloud in a pathway known as the modern kill chain. In particular, executive impersonation attacks have risen as a new tactic in the modern kill chain.

To combat new mobile threats, Lookout recently added new features to its Mobile Threat Defense (MTD) solution, Lookout Mobile Endpoint Security, including protection against executive impersonation texts and smishing attacks. However, hackers don’t stop at impersonation attempts to infiltrate corporate networks, so security teams must leverage all the threat intelligence they can get to effectively defend against sophisticated cyber attacks and stay ahead of evolving threats.

“As cyber threats evolve, we’re seeing more and more attacks targeting mobile devices as the gateway to corporate cloud apps that house sensitive data. This trend underscores the urgent need for advanced MTD solutions that not only protect devices but also safeguard the sensitive data and systems they connect to,” said David Richardson, Vice President of Endpoint, Lookout. “Incorporating advanced MTD as part of a comprehensive defense strategy is critical to ensuring organizations can operate securely in a digital-first world.”

Lookout Threat Lab: Empowering Security Teams with Mobile Threat Intelligence

Lookout collects and analyzes proprietary data points to provide customer security teams with comprehensive protection capabilities against mobile cyber attacks. Its advanced threat intelligence and AI machine learning technology ensure that mobile devices are safeguarded from the latest threats.

CyberTech Insights and News: Silent Push Raises $10 Milion, Earns Tradewinds Marketplace Spot

To share your insights, please write to us at news@intentamplify.com

Source – Businesswire

Tags: AI in cybersecurity, cyber threats, Cybersecurity, Cybersecurity technology, Lookout

devanand.m

CyberTech Media Room is a community of seasoned Cybersecurity Technology Specialists with over 50+ years of experience in safeguarding digital infrastructures across diverse industries. With a deep understanding of emerging cyber threats and the latest in security technologies, the team specializes in developing and implementing cutting-edge solutions to protect critical data, networks, and applications. Passionate about AI-driven cybersecurity, cloud security, and risk management, CyberTech Media Room works with both startups and global enterprises to navigate the evolving cybersecurity landscape. In addition to technical expertise, the team is an advocate for open-source security tools, data privacy, and security education. When not working with clients to bolster their security posture, [Author Name] enjoys speaking at industry events, writing thought leadership articles, and mentoring the next generation of cybersecurity professionals.