Lookout, Inc., the data-centric cloud security company, released the Lookout Mobile Threat Landscape Report for Q1 2024. According to Lookout data, in the first quarter of 2024, the number of phishing, malicious, denylisted and offensive links delivered to Lookout customers’ mobile devices tripled compared to Q1 2023. Lookout also saw a massive jump in social engineering and phishing attempts and attacks targeting multi-factor authentication (MFA) solutions.
The Lookout Mobile Threat Landscape Report is based on data derived from the Lookout Security Cloud’s ever-growing AI-driven mobile dataset that analyzes data from more than 220 million devices, 325 million apps and billions of web items.
Lookout data for Q1 2024 also shows:
- As of today, more than 20% of iOS users are still using outdated versions, leaving their devices and data vulnerable to exploits. Lookout mobile security experts recommend immediately updating to the latest version to protect against lingering vulnerabilities.
- Top device misconfigurations include out-of-date OS (37.7%), no device lock (14.2%), out-of-date Android Security Patch Levels (ASPL) (13.6%) and non-app store signer (2.2%).
- The most critical families of mobile malware weighed heavily towards mobile (Android) surveillanceware.
- The top ten most common mobile app vulnerabilities encountered by Lookout users in Q1 2024 were all in components of mobile browsers. Attackers exploit these vulnerabilities using maliciously crafted web pages delivered via links. Since most mobile devices run Chrome, Firefox, Safari, or Edge, attackers target these browsers, hoping users haven’t updated to patched versions.
In April 2024, Lookout conducted a survey among 250 U.S.-based CISOs and cybersecurity leaders that underscores the growing need for Mobile Threat Defense. An overwhelming 97% of respondents believe that malicious mobile apps or extensive mobile app permissions – such as access to contacts, SMS, camera and microphone – pose a threat to their organization and could result in the leakage of sensitive data. Within the last six months, 75% of organizations experienced mobile phishing attempts targeting their employees.
As seen with Scattered Spider attacks against enterprises, employee accounts were compromised within minutes of the attack’s initiation, followed by immediate internal social engineering via platforms including Slack, email and Microsoft Teams. Sensitive data was stolen within the first five minutes of the attack. The Modern Kill Chain, as defined by Lookout, emphasizes that it is crucial to respond to an attack immediately.
“Reflecting on the first quarter of 2024, this report encapsulates our discoveries, affirming that mobile threats have shifted from the sidelines to the forefront of contemporary cybersecurity strategies,” said David Richardson, Vice President of Endpoint and Threat Intelligence, Lookout. “Organizations must be equipped to respond swiftly to meet the rapid nature of today’s threats. In navigating this landscape, Lookout is unrivaled in understanding the nuances of mobile security and how mobile attacks lead to organizations being compromised.”
Mobile Threat Defense Industry Leadership
Backed by a world-class mobile threat intelligence team, Lookout offers a defense-in-depth approach to cybersecurity that is designed to protect an organization’s data against the Modern Kill Chain. With the largest database of threat telemetry, Lookout has a deep understanding of mobile and cloud threats.
The Lookout Security Cloud has identified 450,000,000 phishing and malicious sites since 2019. In Q1 2024, the total number of sites blocked by Lookout’s Mobile Threat Defense solution, Lookout Mobile Endpoint Security, surged by 273% compared to Q1 2023. There was an increase of 290% in the blocking of denylisted and offensive content, alongside a substantial uptick of 97.8% in preventing enterprise phishing attempts and malicious web attacks.
Lookout Mobile Endpoint Security is the industry’s most advanced Mobile Threat Defense solution to deliver mobile endpoint detection and response (Mobile EDR). Lookout provides visibility into mobile threats and state-sponsored spyware, while also protecting against mobile phishing and credential theft that can lead to unauthorized access to sensitive corporate data. Lookout is FedRAMP JAB P-ATO Authorized and available through CDM DEFEND, trusted by enterprise and government customers to protect sensitive data, enabling the workforce to connect freely and safely from any device.
Lookout Threat Lab: Empowering Security Teams with Mobile Threat Intelligence
Lookout collects and analyzes proprietary data points to provide customer security teams with comprehensive protection capabilities against mobile cyber attacks. Its advanced threat intelligence and AI machine learning technology ensure that mobile devices are safeguarded from the latest threats.
Additional Resources:
- Learn more about the Lookout Threat Lab and Lookout Mobile Endpoint Security.
- To take an interactive walk through how Lookout Premium customers can conduct proactive research on mobile malware in the Lookout console, view this demo video.
- Listen and subscribe to Security Soapbox, the Lookout podcast covering privacy, security, and everything in between.
About Lookout
Lookout, Inc. is the data-centric cloud security company that uses a defense-in-depth strategy to address the different stages of a modern cybersecurity attack, which now starts with mobile. Data is at the core of every organization, and our approach to cybersecurity is designed to protect that data within today’s evolving threat landscape no matter where or how it moves. People — and human behavior — are central to the challenge of protecting data, which is why organizations need total visibility into threats in real time, starting with the mobile endpoint. The Lookout Cloud Security Platform is purpose-built to stop modern breaches as swiftly as they unfold, from the first mobile phishing text to the final cloud data extraction. We are trusted by enterprises and government agencies of all sizes to protect the sensitive data they care about most, enabling them to work and connect freely and securely.