Gaming apps on corporate devices ‘main source’ of mobile phishing attacks

Analysis of 100,000 corporate devices shows more than a quarter of traffic going to phishing domains was from gaming apps.

Gaming apps are the most likely source of phishing attacks on corporate devices, according to research by mobile security firm Wandera.

The company tested 100,000 corporate devices to analyse how much traffic was going to phishing domains, and pinpointed gaming (25.6%) and email apps (18.9%) as most likely to be misappropriated by hackers.

Hackers use phishing to gain access to sensitive information about a user, such as bank details, when the victim clicks a particular link. Email is known to be a major source of phishing attacks, but the research revealed that 81% of this nefarious traffic came from other places, such as gaming, sports, productivity and messaging apps.

In the case of gaming, hackers can create fake copies of popular apps and use their platform to gather information on users, while messaging apps can provide attackers with an access point to sensitive business data by spoofing legitimate corporate domains to fool corporate users into responding.

Although the corporation has conducted basic training around best practices for employee behaviour (for example; never clicking on links in unsolicited emails or shared through mobile apps, and refraining from sharing credentials or personal information with anyone via any mobile channel) it is inevitable that someone in an organisation will make a mistake and be attacked.

That´s why absolutely vital that to have a security solution in place that is able to monitor and intercept any traffic directed at phishing sites.