Lookout recently released the Lookout Mobile Threat Landscape Report for Q2 2024. The report highlights insights behind a 70% year-over-year (YOY) increase in mobile phishing and malicious web content, dissects a new mobile surveillanceware family and notes a significant increase in attacks that enable root access to iOS devices. Lookout data also shows that even if an organization manages employee devices with only a Mobile Device Management (MDM) solution, those employees are just as likely to encounter a phishing attack as employees of organizations that don’t use MDM.
The Lookout Mobile Threat Landscape Report is based on data derived from the Lookout Security Cloud’s ever-growing AI-driven mobile dataset of more than 220 million devices, 325 million apps and billions of web items. The Lookout Security Cloud has identified 462 million phishing and malicious sites since 2019. In addition, it leverages AI to analyze data and identify malware, phishing attacks, and other sophisticated network-based threats.
Lookout data for Q2 2024 also reveals:
- A substantial uptick of 40.4% in mobile phishing attempts and malicious web attacks targeting enterprise organizations.
- More than 80,000 malicious apps were detected on enterprise mobile devices. Mobile app threats can vary widely, from invasive permissions and riskware that pose significant compliance risks to sophisticated spyware capable of tracking devices, stealing data, eavesdropping on conversations and accessing the user’s camera and microphone.
- In Q2, Lookout protected customers against 47 new mobile malware families, and customers were given enhanced protection against 101 known mobile malware families.
- Top device misconfigurations include out-of-date OS, out-of-date Android Security Patch Levels (ASPL), no device lock and non-app store signer.
- The most critical families of mobile malware continued to lean heavily towards Android surveillanceware.
- The top ten most common mobile app vulnerabilities encountered by Lookout users in Q2 2024 were in components of mobile browsers. Since all mobile devices have a browser, attackers target these vulnerabilities in particular, hoping users haven’t updated to patched versions.
MDM and MTD Serve Different Purposes
Lookout data also shows that employees are just as likely to face phishing attacks whether or not their organization manages their mobile devices with MDM. Mobile phishing is a widespread threat that can target any app with messaging capabilities. This includes not only email, SMS, iMessage, WhatsApp, and Telegram but also social media platforms like Instagram, TikTok, LinkedIn, mobile games and even dating apps.
MDM focuses on managing and controlling mobile devices within an organization, enforcing policies, and ensuring device compliance. On the other hand, Mobile Threat Defense (MTD) is specifically designed to detect and protect against mobile cybersecurity threats, providing real-time threat detection, remediation, and blocking capabilities. While MDM manages devices, MTD focuses on securing them from potential threats.
“Attackers have proven over and over again that targeting employees through mobile-based phishing attacks, such as SMS phishing and voice phishing, can be highly successful. To combat these threats, Lookout recommends implementing a comprehensive defense strategy that safeguards against multiple points of compromise, including mobile, cloud and data protection,” said David Richardson, Vice President of Endpoint and Threat Intelligence, Lookout. “MDM solutions are essential for managing enterprise environments and ensuring consistency across devices, but they are not designed to provide security. It’s important to view MDMs as a complement to MTD solutions, which can effectively protect against mobile phishing and other threats that MDMs cannot address.”