Mobile phishing incidents targeting enterprises are on the rise, with the cost of single incidents potentially running into the hundreds of millions, according to research published today by Lookout.

The company’s 2020 Mobile Phishing Spotlight Report found that mobile phishing incidents grew by 37% between the fourth quarter of 2019 and the first quarter of 2020.

Furthermore, it found that such incidents can be incredibly costly for enterprises. Lookout found that it could cost an organisation with 10,000 mobile devices up to $35m for a single mobile phishing incident, or up to $150m for an organisation with 50,000 mobile devices.

Industries at particular risk included healthcare, manufacturing and legal, due to the sensitive nature of the data they are involved with or the potential disruption to operations.

Notably the rises were not uniform around the world. While Europe, the Middle East and Africa saw a 25.5% rise and Asia Pacific saw a 27.7% rise, North America saw mobile phishing incidents grow by 66.3%.

Phishing incidents move to mobile as attack types evolve

Mobile phishing has become increasingly commonplace due to smartphones’ valuable placement between users’ personal and professional lives.

How well do you really know your competitors?

Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.

Company Profile – free sample

Thank you!

Your download email will arrive shortly

Not ready to buy yet? Download a free sample

We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form

By GlobalData
Visit our Privacy Policy for more information about our services, how we may use, process and share your personal data, including information of your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.

“Smartphones and tablets are trusted devices that sit at the intersection of their owner’s personal and professional identity,” said David Richardson, vice president of product management at Lookout.

“Cybercriminals are exploiting the ability to socially engineer victims on their mobile device in order to steal their credentials or sensitive private data.”

However, it has proved particularly effective due to the nature of the hardware.

“Phishing has evolved into a massive problem that expands far beyond the traditional email bait and hook,” said Phil Hochmuth, program vice president of enterprise mobility at IDC.

“On a small screen and with a limited ability to vet links and attachments before clicking on them, consumers and business users are exposed to more phishing risks than ever before. In a mobile-first world, with remote work becoming the norm, proactive defence against these attacks is critical.”


Read more: Slack webhooks risk phishing attacks, researchers warn