Published on: April 27, 2023
SafetyDetectives spoke with Aaron Cockerill, CSO of Lookout, about the rise of phishing attacks, primarily on mobile devices, its security implications, how enterprises can protect themselves, and a few tips for how to protect yourself from mobile phishing attacks.
Aaron joined Lookout with nearly 20 years of software product management experience. As the Chief Strategy Officer, Aaron is responsible for developing, validating, and implementing cross-functional strategic product initiatives that align with the Lookout vision of a secure connected world. Most recently, he served as VP of Mobile Technologies at Citrix, where he and his team were responsible for the development of Citrix’s mobile apps and container technology while driving the acquisition of Zenprise. Prior to working on mobile technologies, Aaron drove the creation of Citrix’s desktop virtualization product, XenDesktop, which grew into more than $1 billion yearly revenue for Citrix during his five years of leadership. Before joining Citrix, Aaron worked for Akamai, leading product management on their enterprise content delivery solution as well as working on the development and deployment of many of Akamai’s advanced content delivery networking technologies. Prior to that, Aaron led product management for OneSoft’s e-commerce system, and he held multiple positions at BHP Billiton in Australia. He holds a BE Materials (Honors) from Wollongong University, Australia.
What services and solutions does Lookout offer, and how do these differ from competitors?
Lookout protects your data. Lookout combines endpoint detection and response technology with cloud security to secure data from endpoint to cloud. Today’s cyber criminals focus on the theft of data for financial gain. But today, business is done through data exchange. Locking up a company’s data to protect it from cyber criminals essentially stops business. Lookout provides solutions to safely share data and enable business. We do this by firstly making data available to any network or device through a centralized policy infrastructure – ensuring your data is accessible, but that access is least privileged and only when required. We then assess risk based on endpoint telemetry and data sensitivity, and use this information to enable data to be shared – safely. Our approach of integrating endpoint to cloud security into a single platform is unique in our industry, and we believe, necessary for businesses to embrace digital transportation and a hybrid workforce.
What were some of the most surprising findings of Lookout’s Global State of Mobile Phishing Report?
The report findings tell us that mobile phishing – scams and fraudulent messages sent to victims via mobile devices, including smartphones, laptops, and tablets – is growing at alarming rates. 2022 had the highest percentage of mobile phishing encounter rates ever, and more than 30% of both personal and enterprise mobile device users were exposed to these attacks each quarter. We also found that individuals are tapping on more and more mobile phishing links compared to just two years ago, an indication that these attacks are getting harder to distinguish from legitimate messages.
What are the security implications for enterprises given the rise in mobile phishing threats?
The potential annual financial impact of mobile phishing – alone – is nearly $4 million. But mobile phishing is typically the initial vector of a larger coordinated attack. We found organizations operating in highly regulated industries, including insurance, banking, legal, healthcare, and financial services, were the most heavily targeted enterprises and see higher rates of mobile phishing threats to their employees on both personal and corporate devices. This is because these organizations are being targeted by ATPs. The phishing attacks targeting these organizations aim to harvest employee login credentials, as this opens the door for bad actors to gain wider access to sensitive data and systems within the organization.
How can enterprises adapt their security strategies, processes, and toolsets to better defend against mobile phishing?
It is critical for organizations to evolve their cybersecurity strategy to proactively combat mobile phishing. Too often we see security teams try to add mobile security as an afterthought to their overall security strategy. However, the nature of both work and personal life is now so heavily dependent on mobile devices, and the lines between personal and work life are irreversibly blurred. Threat actors understand this and thus are taking full advantage, targeting users on personal and company-issued devices alike. Mobile phishing protection should be a top priority for organizations of all sizes, and it needs to be a core tenet of the overall security strategy. It’s also important to embrace the reality of modern work – employees are increasingly remote or coming into the office only part of the time, and BYOD (bring your own device) is ubiquitous. Organizations need to abandon on-prem point products and adopt cloud-native solutions that more efficiently protect mobile endpoints and SaaS apps while allowing the flexibility to use any device and improve worker productivity.
Do you have any tips or advice for individual mobile device users to protect themselves against mobile phishing?
First, it’s incredibly important to be aware of these threats and how they target individuals. Phishing does not just come from email anymore – it’s in SMS texts, it’s in messaging apps like WhatsApp, Signal, and Telegram, and it’s in social media platforms. Threat actors are constantly evolving their tactics and improving the sophistication of these messages, but there are a few core characteristics to watch for, including any message that is trying to spark fear or panic and urge you to take immediate action. For example, telling you your bank account has been hacked and the only way to prevent your life’s savings from being stolen is to wire the account balance to the bank manager. Consumers should also consider security solutions for their own personal devices that prevent malware and viruses, block malicious links and protect data stored on these devices.