Report: Smartphone phishing attacks are up – Do this now

Hackers are turning toward our smartphones more than ever before.  A significant rise in threats and the number of malicious phishing mobile websites have been found by cyber security firm Zimperium.  Researchers analyzed hundreds of thousands of phishing websites being used for mobile attacks over the past year.

The staggering number of detected threats and mobile vulnerabilities is proof of the growing danger.  In the just-released study that spans over a year starting in January 2021, there were 2,034,217 new mobile malware samples detected in the wild.   The increase is what’s more alarming.  Researchers measured a 466% increase in exploited, zero-day mobile vulnerabilities.

Even when you think a phishing attack won’t happen to you,  23% of all mobile devices encountered malicious applications worldwide.  And get this stat: 42% of enterprises reported mobile devices and web apps led to a security incident of concern.

 

What is a phishing scam?

Generally speaking, a phishing scam is one where criminals pretend to be real organizations in their email and text message communications in order to steal your personal information.

 

How to detect an email phishing scam

Below is an example of such a phishing scheme I just received which claims it’s from Amazon.

The tips to look out for include:

  • In the email above, it says the email is from A M A Z O N (not Amazon) and the dead giveaway is that the email address is from a vincentlucas527@aol.com ?!
  • In the email above, the scammer wants to induce panic and urgency when you see:
    • that “Your package was sent to” an unfamiliar address with your name associated with it.
    • that items apparently purchased are high priced (TV) items

Don’t fall for it!  Always take a second to question whether what you’re receiving is real or not.  If you do question the authenticity of the email, go directly to the merchant source by typing it in your browser (i.e “Amazon.com” and look for any products that may have been shipped to another address using your account)

Examples of mobile attacks

  • hacking credentials to steal your money
  • hijacking control of your microphone and camera
  • scraping your exact location information to determine patterns and your whereabouts in realtime
  • taking over your mobile phone to compromise work systems
  • phishing attacks that direct you to a legit-looking malicious website

These deceptive mobile sites designed to trick you into downloading malware or stealing potentially damaging data now account for 75% of all phishing sites specifically targeting mobile devices.

 

Why hackers are targeting mobile phones more

We use our phones for just about everything in life.  Criminal hackers know it and are coming after our mobile devices with more frequent effective attacks from more directions.  One slip-up can mean a devastating financial loss and at the very least an extraordinary hassle recovering from the attack.

 

Smaller screens let in bigger trouble

Mobile phone users are typically are less carefully inspecting links that come our way on mobile phones versus computer screens.  It’s also much more difficult to examine potential threats on smaller mobile screens.

iPhone are generally safer than Android phones, but both are now being targeted heavily by cybercriminals.  Learning how these deeper growing threats happen will help raise a red flag so you can avoid it.
 

5 precautions to protect against mobile attacks

  1. Always keep your iOS or Android mobile software up to date
  2. Don’t respond to suspicious texts, email or social media links you did not ask to receive
  3. Avoid Unknown and unfamiliar apps and delete if not being used
  4. Scrutinize permissions being requested when downloading an app — less is better
  5. Install good security protection on all of your devices for the best protection.  I use the top pick TotalAV (Limited time deal: $19 your first year (80% off).  More: Best Antivirus Protection in 2022 found here.

 

 

 

Related posts

Suspicious apps found on Apple iPhone and Android – Delete ASAP

New NullMixer malware will spy and steal your personal info

New LinkedIn scam to watch out for

3 comments

Christy D Kennedy March 17, 2022 - 5:28 am
Kurt, do I need to be on my I-Pad or I-Phone to get the TotalAV? Or can I purchase this on my work computer and then download to my phone and I-pad?
Kurt Knutsson March 18, 2022 - 10:17 pm
Hi Christy, you can purchase this on your work computer and then download to your phone and iPad. Take a look at the article we just published that will walk you through the steps: https://cyberguy.com/ask-kurt/how-to-install-antivirus-software-onto-your-devices/
Pam Muller March 20, 2022 - 6:02 am
Happy to find this site.

Comments are closed.

Add Comment