We’ve all seen reports of multinational companies falling victim to cyber attacks on the news — SolarWinds, Colonial Pipeline and JBS Foods just to name a few — but recently, many of us have started to experience this phenomenon firsthand. The rise in remote work has increased the frequency, sophistication and impact of phishing attacks.
The Risk to Mobile Employees
Mobile employees are using mobile devices more than ever to access company data, something hackers are taking advantage of by exploiting security gaps. According to a new survey from IT automation platform, Ivanti, 74% of respondents said their organizations have fallen victim to a phishing attack in the last year. Respondents also revealed that not only are phishing attempts increasing in volume, they’re getting harder to catch. Even IT professionals aren’t safe. 73% of respondents reported that their IT staff had been targeted, and nearly half (47%) of those phishing attempts succeeded.
The latest attacks to gain traction among mobile users are smishing (phishing via SMS text message) and vishing (phishing via a phone call) scams. This is likely because, according to research from Aberdeen, attackers have a higher success rate on mobile endpoints than on servers. In fact, the annualized risk of a data breach resulting from mobile phishing attacks has a median value of about $1.7 million.
Why is This Happening?
Employees are especially vulnerable to new phishing attacks that utilize mobile technology because most people aren’t familiar with these schemes or have the tools to protect themselves from falling victim to them. According to Ivanti, 37% of respondents cited a lack of both technology and employee understanding for successful phishing attacks. It’s become a struggle for IT professionals to simultaneously address successful attacks on other employees while trying to prepare systems to handle new and more sophisticated threats.
The problem is only made worse for companies experiencing IT staff shortages. 52% of respondents claimed their organization has suffered from staff shortages in the past year. That means when an employee clicks on a mystery link in a text message or shares sensitive information over the phone with the wrong person, the time it takes their overworked IT team to respond is longer and more damage is done. 46% of those surveyed cited increased phishing attacks as a direct result of staff shortages
Prepare Mobile Employees
The first thing companies need to realize is that any employee, regardless of technical expertise, can fall victim to cyber attacks. Hackers develop new scams everyday, and while you can’t foresee all of them, you can still implement cybersecurity training for all employees. If you already have a program like this, make sure it’s updated to cover the risk of phishing attempts via mobile devices.
In terms of IT security, your company should also adopt a Zero Trust strategy. Strict identity verification should be mandated for every person and device trying to access your private network, whether they’re sitting within or outside the network perimeter. To properly protect all employee devices, you should also employ a Unified Endpoint Management (UEM) approach. UEM allows companies to secure, manage and deploy corporate resources and applications on any device from a single console.
Stay Secure With CompanyMileage
When your mobile employees are away from the workplace, it’s especially difficult to ensure they’re protected from cyber threats at all times. When you use CompanyMileage’s suite of products, you can be confident that IT security is taken care of. Our three-tiered security approach includes extensive data encryption initiatives, secure facilities and equipment and privacy policies. When hackers go after your mobile employees, you need solutions that not only help them do their jobs, but protect them from cyber attacks, too.
To learn more about SureMileage, SureMobile and SureExpense, schedule a demo with CompanyMileage today.