“Phishing using HTTPS is not entirely new,” said Krishna Vishnubhotla, vice president of product strategy at Zimperium. “Last year’s report revealed that, between 2021 and 2022, the percentage of phishing sites targeting mobile devices increased from 75% to 80%. Some of them were already using HTTPS but the focus was on converting campaigns to target mobile. “
“This year, we’re seeing meteoric growth in this mobile strategy, which is a sign of maturing mobile strategies, and it makes sense. The mobile form factor is helpful in tricking the user because they rarely see the URL in the browser or a quick redirect. Furthermore, we tend to believe that a link is secure if we have a padlock icon next to the URL in our browsers. Especially on mobile phones, users should look beyond the lock icon and carefully verify the domain name of the website before entering any sensitive information,” said Vishnubhotla.
The rise of phishing attacks targeting mobile phones highlights the critical need for advanced, AI-driven security solutions that can detect and block sophisticated threats in real time, said Stephen Kowski, chief technology officer of Field SlashNext. “As threat actors increasingly use secure protocols such as HTTPS, traditional security measures are no longer sufficient to protect users and organizations.”
Source link