The rapid growth in Mobile Devices and app usage has created an ever-growing attack surface and risks in organizations.
According to last year’s report, 60% of endpoints accessing company assets were mobile devices.
Mobile-powered firms must strengthen mobile security procedures to secure employee’s personal data and critical organizational information.”
Improper configurations and minimal user awareness of phishing and smishing create devices prone to high-security risks.
Zimperium, a mobile security platform for mobile devices and apps, has released its highly anticipated Global Mobile Threat Report 2023.
Mobile Threat Report Key Findings:
As per the Global threat report of 2023 is that 43% of all compromised devices were fully exploited, an increase of 187% year-over-year.
Phishing attacks on mobile devices are becoming more prevalent. 80% of phishing sites are designed to run on both desktop and mobile platforms.
Meanwhile, SMS phishing or smishing attacks are six to ten times more likely to be successful than email-based attacks.
From their anti-phishing technology, they have found an average of four malicious/phishing links clicked from every device
EMEA and North America have the greatest percentage of infected devices, with EMEA at 35% and North America at 25%, respectively.
Both Apple and Android saw increasing instances of detected vulnerabilities.
A 138% increase in critical Android vulnerabilities was discovered in 2022, while Apple iOS accounted for 80% of the zero-day vulnerabilities actively exploited in the wild.
Improper cloud storage configurations in mobile apps are a leading attack surface. ±2% of all iOS and ±10% of all Android mobile apps accessed insecure cloud instances.
In order to succeed, businesses need to adopt a mobile-first security strategy, in which risk is continuously prioritized and assessed as close to the user and device as feasible, and where the vulnerability posture is baselined and assessed regularly so that operations may take place in a known state with full visibility.
They need to take prompt action in the areas of risk identification and mitigation, including the use of zero trust and conditional access workflows, XDR, and autonomous third-party integrations, as well as the assessment and maintenance of knowledge regarding global privacy rules.
“This should be a wake-up call for enterprises to increase focus and investment in mobile security tools and practices.”
“AI-based email security measures Protect your business From Email Threats!” – Request a Free Demo.