BPMN, EPK or Value Stream: CIOs Method Choice 2026
Eva Mickler
8 Min. reading time · Status: April 2026 Business process modeling was for many CIOs a tooling issue. ...
Read Article
Mobile devices are increasingly becoming targets of various phishing attacks. Private users are often the primary victims, but infected smartphones can also impact businesses. Early detection is crucial.
[/vc_column_text][/vc_column][/vc_row]
Four out of five phishing sites target mobile devices. Scams range from SMS phishing (smishing) to voice phishing (vishing), as well as app, email, and social media phishing. Initially, these attacks typically hit private users, but once devices are infected, they pose a threat to business environments. Undetected malware on smartphones can be designed to steal passwords and intercept one-time passwords (OTP) to gain access to corporate networks, critical applications, and data.
HTTPS Sites Do Not Guarantee Security
Traditional security measures are no longer sufficient to protect mobile devices and the enterprise applications running on them. This is because attackers are increasingly using HTTPS connections to lull users into a false sense of security, according to the specialist magazine IT-Sicherheit.
Here are some figures on mobile phishing:
- Approximately 87 percent of phishing websites operate as HTTPS deception schemes. Attackers typically host multiple such fraudulent URLs on a single domain. This increases the risk of credential theft because many users often use the same or very similar passwords.
- Mobile browsers are now the primary targets of phishing sites in 78 percent of cases. Many of the affected domains receive an SSL certificate just two hours after registration, allowing them to mimic secure connections.
- While half of phishing sites are discovered within a week, the other half remain undetected and thus pose a zero-day threat. Therefore, it is crucial to implement continuous real-time detection of attacks on mobile devices.
Mobile security is therefore at the top of the comprehensive list of IT security solutions that companies should currently focus on. Other essential measures include setting up firewalls, authentication protection, intrusion detection, effective defense against Distributed Denial of Service (DDoS) attacks, Security Information and Event Management (SIEM), vulnerability management, and dark web monitoring.
Cyberattacks such as ransomware and phishing are on the rise and increasingly AI-driven, necessitating appropriate countermeasures.
Companies should therefore bring in experienced IT service providers like Axians early on to effectively protect the hardware used by their employees – both mobile and stationary – the connected IT systems, and sensitive data.
Source of title image: Adobe Stock / tonstock