Lookout, Inc., the data-centric cloud security company, is warning employees and businesses that phishing attacks across enterprise and personal devices are expected to more than double this week, based on historical data.
With more corporate data residing in the cloud today and an increased number of employees working remotely, mobile has become the endpoint of choice for the modern workforce. However, since these devices have traditionally been neglected as part of a company’s overall security strategy, they have also become the most susceptible target for external hackers to gain access to corporate cloud infrastructure through social engineering and credential theft.
During the busy Black Friday shopping week, the risk of being targeted by a malicious phishing campaign only increases as employees are more distracted and moving quickly to get the best deals on their holiday purchases. This creates a perfect opportunity for potential hackers to carry out socially engineered phishing attacks that can lead to credential theft and direct access to sensitive corporate data.
The warning comes as new Lookout research reveals that:
- Two in five employees (63%) admit that they are more distracted during Thanksgiving week as they juggle work and play during the holiday.
- The vast majority of employees (89%) will capitalize on Black Friday and Cyber Monday sales with more than half (57%) admitting they are more likely to click on unfamiliar links in search of good deals.
- Two-thirds of employees (66%) will shop on personal mobile phones which are notoriously overlooked in security planning – in fact, nearly half of workers (47%) reported their employer provides no mobile security platform for device protection.
- The research finds that the most popular social media apps that will be used on mobile by employees this week are Facebook (76%), Instagram (63%) and TikTok (50%).
“As shoppers look to take advantage of the best online sales, fraudsters will do the same. But rather than discounted gifts, the best deal for a cybercriminal is access to corporate data that can then be distorted and/or sold for huge sums of money,” said David Richardson, Vice President of Endpoint and Threat Intelligence, Lookout. “A popular technique is to target employees on their mobile devices through social engineering – dodging traditional enterprise security protection by messaging the victim via their personal messaging accounts. Last year, we saw a huge spike in phishing rates. As employees are distracted by shopping on their mobile device, CISOs face a significant phishing risk. But rather than just focusing on the particular methods attackers may use this Thanksgiving, businesses should take a data-centric approach and monitor for changes in user behavior and anomalous data transfers.”
The survey follows the 2022 Lookout Global State of Mobile Phishing Report which found:
- In 2022, more than 50% of personal devices were exposed to a mobile phishing attack every quarter.
- The percentage of users falling for multiple mobile phishing links in a year is increasing rapidly year over year.
- Organizations that operate in highly regulated industries – including insurance, banking, legal, healthcare and financial services – were the most heavily targeted enterprises.
Notes to Editors
The data is sourced from independent research company Censuswide which, in November 2023, surveyed 1,515 U.S.-based enterprise employees.
Additional Resources:
- Learn more about Lookout Mobile Endpoint Security and the Lookout Cloud Security Platform.
- Sign up for a complimentary Data Risk Assessment.
- Listen and subscribe to Security Soapbox, the Lookout podcast covering privacy, security, and everything in between.
About Lookout
Lookout, Inc. is the data-centric cloud security company that delivers zero trust security by reducing risk and protecting data wherever it goes, without boundaries or limits. Our unified, cloud-native platform safeguards corporate data across devices, apps, networks and clouds and is as adaptive and simple as the modern digital world. Lookout is trusted by enterprises and government agencies of all sizes to protect the sensitive data they care about most, enabling them to work and connect freely and safely. To learn more about the Lookout Cloud Security Platform, visit www.lookout.com and follow Lookout on our blog, LinkedIn and Twitter.
© 2023 Lookout, Inc. LOOKOUT®, the Lookout Shield Design®, and LOOKOUT with Shield Design® are registered trademarks of Lookout, Inc. in the United States and other countries. DAY OF SHECURITY®, LOOKOUT MOBILE SECURITY®, and POWERED BY LOOKOUT® are registered trademarks of Lookout, Inc. in the United States. Lookout, Inc. maintains common law trademark rights in EVERYTHING IS OK, PROTECTED BY LOOKOUT, CIPHERCLOUD, the 4 Bar Shield Design, and the Lookout multi-color/multi-shaded Wingspan design.
View source version on businesswire.com: https://www.businesswire.com/news/home/20231121107948/en/