There has been seen a surge in cyberattacks, threat actors are extensively going after mobile phishing attacks and victimizing the energy sectors, pharmaceuticals industries, government entities, and finance departments by targeting workers with phishing and malware campaigns designed to take advantage of potential security vulnerabilities in smartphones and tablets.
Recently, a report has been published by cybersecurity researchers at Lookout in which they warned energy sectors against cybercrimes. According to the report, there has been a great surge from 2020 (161%) in mobile phishing attacks targeting the energy sectors. Threat actors strive to break into networks used to provide services including gas and electricity.
Cyber attacks through mobile phishing against energy sectors globally account for around 17% which is higher than other sectors including finance, pharmaceuticals, government, and manufacturing. Notably, these independent cyber criminals are not the only threat against energy sectors, state-backed threat actors are also targeting networks of energy providers.
"The energy industry is directly related to the wellbeing and safety of citizens, globally," Stephen Banda, senior manager of security solutions at Lookout, reported.
"Threat actors know that mobile devices aren't usually secured in the same way as computers. For this reason, mobile phishing has become one of the primary ways threat actors get into corporate infrastructure," said Banda.
"By launching phishing attacks that mimic the context that the recipient expects, attackers are able to direct a user to a fake webpage that mimics a familiar application login page. Without thinking, the user provides credentials and data has been stolen," he added.
Phishing emails and malware become more difficult to notice in smartphones and tablets because the smaller screen provides very few opportunities while smartphones and tablets might not be secured as comprehensively as laptops and desktop PCs, it creates opportunities for attackers to compromise networks.
"The majority of attacks start with phishing, and mobile presents a multitude of attack pathways. An anti-phishing solution must block any communication from known phishing sites on mobile devices — including SMS, apps, social platforms, and email," said Banda.