May 6, 2024

Lookout Survey Reveals Critical Gaps in Mobile Endpoint Protection That Could Compromise Sensitive Corporate Cloud Data

97% of Respondents Believe That Malicious Mobile Apps Could Potentially Result in the Leakage of Sensitive Corporate Cloud Data

SAN FRANCISCO, May 6, 2024 – A new survey conducted by Lookout, Inc., the data-centric cloud security company, unveiled concerning trends regarding mobile phishing attacks targeting the employees of enterprise organizations. The survey, completed by 250 United States-based CISOs and other mobile and cloud cybersecurity leaders, sheds light on the urgent need for enhanced measures to combat this growing threat. 

An overwhelming 97% of respondents believe that malicious mobile apps or extensive mobile app permissions, such as access to contacts, SMS, camera and microphone, pose a threat to their organization and could result in the leakage of sensitive data. Within the last six months, 75% of organizations experienced mobile phishing attempts targeting their employees.

As seen with Scattered Spider attacks against enterprises, employee ​accounts ​were compromised within minutes of the attack's initiation, followed by immediate internal social engineering via platforms including Slack, email and Microsoft Teams. Sensitive data was stolen within the first five minutes of the attack. The Modern Kill Chain, as defined by Lookout, emphasizes that it is crucial to respond to an attack as quickly as possible. However, the following survey results highlight the fact that a majority of organizations aren’t adequately equipped to respond swiftly to meet the rapid nature of today's threats.

When asked how long it would take for their organization to respond to a mobile phishing attack, only 12.8% of the participants said they could respond instantly. 36.8% estimated a response time of 15 minutes to one hour, 30.8% stated a response time of two to four hours, 12% within five to eight hours and 7.6% were uncertain. Survey participants who cited a response time exceeding 15 minutes attributed their delayed action to two primary factors: insufficient automation and overwhelming data volume.

Participants were also surveyed on internal defense exercises. Results showed that less than one third of respondents conduct internal simulations of SMS phishing (33%), social engineering (32%), QR code phishing (30%) or voice phishing (30%).

Lookout data shows a growing trend of malicious actors utilizing social engineering tactics, particularly targeting users' mobile phones to pilfer credentials that could allow direct access to sensitive corporate data that resides in the cloud. When attackers exploit the likelihood of human error in mobile device usage, they can capitalize on the inevitability of occasional mistakes. For instance, a malicious actor may reach out to an employee via mobile posing as an internal IT team member in an attempt to coax the targeted employee into sharing or resetting their password. Even a minor slip-up by an employee can present significant opportunities for enterprise data breaches. According to IBM, "The global average cost of a data breach in 2023 was USD 4.45 million, a 15% increase over three years." 

“The bulk of ​enterprise data is now housed in the cloud, notably within SaaS and private applications. Everything — and everyone — is more distributed and difficult to safeguard, exposing an enterprise’s data to more and more risk across a rapidly evolving threat landscape,” said David Richardson, Vice President of Endpoint and Threat Intelligence, Lookout. “These findings underscore the critical need for organizations to prioritize their cybersecurity measures, particularly in addressing the escalating threat of mobile phishing attacks that could result in the loss of sensitive corporate data.”

Backed by a world-class mobile threat intelligence team, Lookout offers a defense-in-depth approach to cybersecurity that is designed to protect an organization’s data against the Modern Kill Chain. With the largest database of threat telemetry, Lookout has a deep understanding of mobile and cloud threats. The Lookout Cloud Security Platform can stop modern breaches as swiftly as they unfold, from the first phishing text to the final cloud data extraction. 

Note to Editors

The data is sourced from the independent research company Censuswide which, in April 2024, surveyed 250 U.S.-based CISOs and other mobile and cloud cybersecurity leaders.

Additional Resources:

  • Learn more about the Modern Kill Chain in this webinar with Aaron Cockerill, Lookout Executive Vice President of Product and Security.
  • Request a demo
  • Listen and subscribe to Security Soapbox, the Lookout podcast covering privacy, security, and everything in between.

About Lookout

Lookout, Inc. is the data-centric cloud security company that uses a defense-in-depth strategy to address the different stages of a modern cybersecurity attack. Data is at the core of every organization, and our approach to cybersecurity is designed to protect that data within today’s evolving threat landscape no matter where or how it moves. People — and human behavior — are central to the challenge of protecting data, which is why organizations need total visibility into threats in real-time. The Lookout Cloud Security Platform is purpose-built to stop modern breaches as swiftly as they unfold, from the first phishing text to the final cloud data extraction. We are trusted by enterprises and government agencies of all sizes to protect the sensitive data they care about most, enabling them to work and connect freely and securely. To learn more, visit and follow Lookout on our blog, LinkedIn and X.


Sign-up for the latest Lookout news and threat research

By subscribing you agree with our Privacy Policy
Follow on