Real Big Phish: Mobile Phishing & Managing User Fallibility

According to a recent survey from Ivanti, nearly three-quarters (74 percent) of IT professionals reported that their organizations have fallen victim to a phishing attack – and 40 percent of those happened in the last month alone. Increasingly, mobile phishing is the culprit. What’s more, nearly half of these professionals cited a lack of the necessary IT talent as one of the core reasons for the increased risk of phishing attacks. So how can organizations overcome the sudden increase in security threats and regain the upper hand against bad actors with fewer resources than ever before? Increasingly, it looks like zero-trust will become the ideal approach for doing more with less, because ultimately, it’s the users and their cyber-hygiene that’s the first line in phishing defense. Let’s take a look at the latest phishing trends. Where Big Phish Lurk in the Everywhere Pond As organizations across all industries have shifted to distributed work environments, it’s no longer the task of security teams to manage access to data and systems from a specific location. Rather, employees are accessing work-related information on their personal devices from locations all over the globe, making it significantly more challenging for IT personnel to track and verify each and every connected device. Because of this shift, bad actors have evolved their phishing attacks and are now focusing their efforts on employees’ personal mobile devices – and as our survey results showed, are finding…