Lookout Survey Reveals Critical Gaps in Mobile Endpoint Protection

A new survey conducted by Lookout revealed trends regarding mobile phishing attacks targeting enterprise organization employees. The survey, completed by 250 United States-based CISOs and other mobile and cloud cybersecurity leaders, illuminates the urgent need for enhanced measures to combat this growing threat.

An overwhelming 97% of respondents believe that malicious mobile apps or extensive mobile app permissions, such as access to contacts, SMS, camera and microphone, pose a threat to their organization and could result in the leakage of sensitive data. Within the last six months, 75% of organizations experienced mobile phishing attempts targeting their employees.

As seen with Scattered Spider attacks against enterprises, employee accounts were compromised within minutes of the attack’s initiation, followed by immediate internal social engineering via platforms including Slack, email and Microsoft Teams. Sensitive data was stolen within the first five minutes of the attack. The Modern Kill Chain, as defined by Lookout, emphasizes that it is crucial to respond to an attack as quickly as possible. However, the following survey results highlight the fact that a majority of organizations aren’t adequately equipped to respond swiftly to meet the rapid nature of today’s threats.

When asked how long it would take for their organization to respond to a mobile phishing attack, only 12.8% of the participants said they could respond instantly. 36.8% estimated a response time of 15 minutes to one hour, 30.8% stated a response time of two to four hours, 12% within five to eight hours and 7.6% were uncertain. Survey participants who cited a response time exceeding 15 minutes attributed their delayed action to two primary factors: insufficient automation and overwhelming data volume.

Participants were also surveyed on internal defense exercises. Results showed that less than one third of respondents conduct internal simulations of SMS phishing (33%), social engineering (32%), QR code phishing (30%) or voice phishing (30%).

Lookout data shows a growing trend of malicious actors utilizing social engineering tactics, particularly targeting users’ mobile phones to pilfer credentials that could allow direct access to sensitive corporate data that resides in the cloud. Attackers who target mobile device usage are counting on human error, capitalizing on the inevitability of occasional mistakes. For instance, a malicious actor may reach out to an employee via mobile posing as an internal IT team member in an attempt to coax the targeted employee into sharing or resetting their password. Even a minor slip-up by an employee can present significant opportunities for enterprise data breaches. According to IBM, “The global average cost of a data breach in 2023 was USD 4.45 million, a 15% increase over three years.”

“The bulk of enterprise data is now housed in the cloud, notably within SaaS and private applications. Everything — and everyone — is more distributed and difficult to safeguard, exposing an enterprise’s data to more and more risk across a rapidly evolving threat landscape,” said David Richardson, Vice President of Endpoint and Threat Intelligence, Lookout. “These findings underscore the critical need for organizations to prioritize their cybersecurity measures, particularly in addressing the escalating threat of mobile phishing attacks that could result in the loss of sensitive corporate data.”

Backed by a world-class mobile threat intelligence team, Lookout offers a defense-in-depth approach to cybersecurity that is designed to protect an organization’s data against the Modern Kill Chain. With the largest database of threat telemetry, Lookout has a deep understanding of mobile and cloud threats. The Lookout Cloud Security Platform can stop modern breaches as swiftly as they unfold, from the first phishing text to the final cloud data extraction.