There’s been a big rise in phishing attacks designed to specifically target smartphones as cyber criminals look to exploit our increased reliance on these tiny screens.
Previously, many phishing websites were device agnostic, set up to steal usernames and passwords regardless of whether the user was clicking the link from a computer or mobile. But cybersecurity researchers at Zimperium have analysed hundreds of thousands of phishing websites and found that there’s been a significant rise in websites designed specifically for mobile phishing attacks, now making up three quarters of all phishing sites.
The smaller screens of smartphones and other mobile devices make it more challenging for users identify phishing emails and malicious websites.
For example, the sender address is more prominent on a desktop browser than on mobile, meaning that unless a user really examines the email, they might not notice it’s being sent from a phoney address.
It’s also more difficult to see the address of links on mobile devices. When using a laptop or desktop computer, the user can hover the mouse curser over the hyperlink, which can reveal the URL – potentially alerting them to it being malicious, particularly if it features poor spelling or large strings